Test
Threads by month
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2004 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2003 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2002 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2001 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2000 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1999 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1998 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1997 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1996 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1995 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1994 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1993 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1992 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
February 1994
- 23 participants
- 31 discussions
The following changes have been made to the NSFNET policy-based routing
database and will be installed on the backbone by 08:00 EST :
Total = */8 + */16 + */24 + Other
Configured Networks 23986 = 28 4369 19589 0
Added Networks 143 = 0 8 135 0
Deleted Networks 0 = 0 0 0 0
IP address Net name Country Priority:AS
---------- -------- ------- -----------
133.149/16 OKI-INTERNET C:JP 1:2149 2:174
138.205/16 KNP-NET C:NL 1:701 2:1800
145.75/16 HMN-UTRECHT C:NL 1:1800 2:1133 3:1674 4:1240
159.182/16 NCSIMAGING C:US 1:1800 2:1240
161.7/16 MT-GOV C:US 1:1800 2:1240
162.134/16 ROCHE-BIOMED C:US 1:2149 2:174
165.176/16 COVANET C:US 1:1800 2:1240
166.67/16 COVANET-B2 C:US 1:1800 2:1240
192.44.150/24 PGXPRES-C-44-150 C:US 1:600
192.104.166/24 RSC-NET C:US 1:2150 2:200 3:201
192.112.22/24 PSCNI-NETS2 C:US 1:297 2:372
192.114.5/24 ILCTEHOL-NET C:IL 1:2149 2:174 3:1800 4:1240 5:1133
192.114.166/24 UBIQUE-NET C:IL 1:2149 2:174 3:1800 4:1240 5:1133
192.114.167/24 ETZION-NET C:IL 1:2149 2:174 3:1800 4:1240 5:1133
192.159.12/24 NETCOM27 C:US 1:2551
192.189.45/24 RSC-NET2 C:US 1:2150 2:200 3:201
192.189.46/24 RSC-NET3 C:US 1:2150 2:200 3:201
192.189.47/24 RSC-NET4 C:US 1:2150 2:200 3:201
192.189.48/24 RSC-NET5 C:US 1:2150 2:200 3:201
192.194.25/24 TELE-BRU C:BE 1:1800 2:1879 3:1133 4:1240
192.195.201/24 MV-D20 C:US 1:209 2:210
192.216.186/24 PARALLAX-C-216-186 C:US 1:200 2:201
192.220.226/24 COCC-NET3 C:US 1:685 2:73 3:101
193.10.40/24 SE-CBNA C:SE 1:1800 2:1879 3:1133 4:1240
193.26.248/24 MUP-NET-WIESBADEN C:DE 1:1324 2:1800 3:1240 4:1133
193.26.252/24 MUP-NET-DATEXP C:DE 1:1324 2:1800 3:1240 4:1133
193.59.124/24 SENAT-GOV-PL C:PL 1:1800 2:1879 3:1133 4:1240
193.59.131/24 WIMAL-LAN C:PL 1:1800 2:1879 3:1133 4:1240
193.59.204/24 NASK-LOCAL-NET C:PL 1:1800 2:1879 3:1133 4:1240
193.66.8/24 EUNET13 C:FI 1:701 2:1800
193.66.9/24 EUNET14 C:FI 1:701 2:1800
193.69.44/24 CORENA-ASKER C:NO 1:701 2:1800
193.69.46/24 CORENA-KONGSBERG C:NO 1:701 2:1800
193.71.7/24 EUNET-NO-KONGSBERG C:NO 1:701 2:1800
193.84.92/24 LIB2ND C:CZ 1:1800 2:1133 3:1240
193.104.2/24 FR-SITE C:FR 1:701 2:1800
193.117.118/24 TANDF-NET-C-117-118 C:GB 1:701 2:1800
193.117.119/24 TANDF-NET-C-117-119 C:GB 1:701 2:1800
193.141.26/24 GTCNET2 C:DE 1:1324 2:1800 3:1240 4:1133
193.184.113/24 HAMKK-NET2 C:FI 1:701 2:1800
193.184.114/24 HAMKK-NET3 C:FI 1:701 2:1800
193.184.115/24 HAMKK-NET4 C:FI 1:701 2:1800
193.184.116/24 HAMKK-NET6 C:FI 1:701 2:1800
193.184.117/24 HAMKK-NET6 C:FI 1:701 2:1800
193.184.118/24 HAMKK-NET7 C:FI 1:701 2:1800
193.184.119/24 HAMKK-NET8 C:FI 1:701 2:1800
193.232.0/24 RSSI-INTERCONECT C:RU 1:297 2:372
193.232.3/24 ASC-LAN-C-232-3 C:RU 1:297 2:372
193.232.4/24 ASC-LAN-C-232-4 C:RU 1:297 2:372
193.232.8/24 IKI-LAN C:RU 1:297 2:372
198.5.4/24 IBMNY C:US 1:701 2:702
198.5.104/24 POWERHOUSE1 C:US 1:701 2:702
198.5.105/24 POWERHOUSE2 C:US 1:701 2:702
198.5.106/24 POWERHOUSE3 C:US 1:701 2:702
198.5.107/24 POWERHOUSE4 C:US 1:701 2:702
198.5.184/24 ROLLCIM-NET C:US 1:701 2:702
198.17.203/24 REDBRICKLG2 C:US 1:2149 2:174
198.17.204/24 REDBRICKLG3 C:US 1:2149 2:174
198.31.75/24 CALACAD2-C-31-75 C:US 1:200 2:201
198.31.76/24 CALACAD2-C-31-76 C:US 1:200 2:201
198.31.77/24 CALACAD2-C-31-77 C:US 1:200 2:201
198.31.78/24 CALACAD2-C-31-78 C:US 1:200 2:201
198.49.174/24 WWA C:US 1:1800 2:1240
198.59.209/24 WESTNET-C-59-209 C:US 1:1800 2:1240 3:209 4:210
198.80.44/24 BORG-NET1 C:US 1:1326
198.80.45/24 BORG-NET2 C:US 1:1326
198.87.254/24 CICNET-C-87-254 C:US 1:266 2:1225 3:267
198.107.0/24 OGIT-NET-C-107-0 C:US 1:685 2:73 3:101
198.107.1/24 OGIT-NET-C-107-1 C:US 1:685 2:73 3:101
198.107.2/24 OGIT-NET-C-107-2 C:US 1:685 2:73 3:101
198.107.3/24 OGIT-NET-C-107-3 C:US 1:685 2:73 3:101
198.107.4/24 OGIT-NET-C-107-4 C:US 1:685 2:73 3:101
198.107.5/24 OGIT-NET-C-107-5 C:US 1:685 2:73 3:101
198.107.6/24 OGIT-NET-C-107-6 C:US 1:685 2:73 3:101
198.107.7/24 OGIT-NET-C-107-7 C:US 1:685 2:73 3:101
198.107.8/24 OGIT-NET-C-107-8 C:US 1:685 2:73 3:101
198.107.9/24 OGIT-NET-C-107-9 C:US 1:685 2:73 3:101
198.107.10/24 OGIT-NET-C-107-10 C:US 1:685 2:73 3:101
198.107.11/24 OGIT-NET-C-107-11 C:US 1:685 2:73 3:101
198.107.12/24 OGIT-NET-C-107-12 C:US 1:685 2:73 3:101
198.107.13/24 OGIT-NET-C-107-13 C:US 1:685 2:73 3:101
198.107.14/24 OGIT-NET-C-107-14 C:US 1:685 2:73 3:101
198.107.15/24 OGIT-NET-C-107-15 C:US 1:685 2:73 3:101
198.107.16/24 OGIT-NET-C-107-16 C:US 1:685 2:73 3:101
198.107.17/24 OGIT-NET-C-107-17 C:US 1:685 2:73 3:101
198.107.18/24 OGIT-NET-C-107-18 C:US 1:685 2:73 3:101
198.107.19/24 OGIT-NET-C-107-19 C:US 1:685 2:73 3:101
198.110.196/24 NMU-C-110-196 C:US 1:237 2:233 3:266 4:267 5:1225
198.110.197/24 NMU-C-110-197 C:US 1:237 2:233 3:266 4:267 5:1225
198.110.198/24 NMU-C-110-198 C:US 1:237 2:233 3:266 4:267 5:1225
198.111.96/24 AADSNET1 C:US 1:237 2:233 3:266 4:267 5:1225
198.111.97/24 AADSNET2 C:US 1:237 2:233 3:266 4:267 5:1225
198.113.186/24 MYCO1 C:US 1:560 2:701
198.148.149/24 AUS-CONV-CTR C:US 1:114
198.168.100/24 CAM-NET-1 C:CA 1:701 2:702
198.168.101/24 CAM-NET-2 C:CA 1:701 2:702
198.168.102/24 CHAMPLAIN-NET-0 C:CA 1:701 2:702
198.168.103/24 CHAMPLAIN-NET-01 C:CA 1:701 2:702
198.174.1/24 ANOKACO1 C:US 1:1225 2:267 3:266 4:555
198.174.2/24 ANOKACO2 C:US 1:1225 2:267 3:266 4:555
198.174.3/24 ANOKACO3 C:US 1:1225 2:267 3:266 4:555
198.174.4/24 ANOKACO4 C:US 1:1225 2:267 3:266 4:555
198.174.5/24 ANOKACO5 C:US 1:1225 2:267 3:266 4:555
198.231.72/24 STERLING-OTT C:CA 1:701 2:702
198.231.76/24 NORTHYORK-LIB-1 C:CA 1:701 2:702
198.231.77/24 NORTHYORK-LIB-2 C:CA 1:701 2:702
198.231.80/24 OCHOSP-NET C:CA 1:701 2:702
198.231.81/24 OCHOSP-NET-2 C:CA 1:701 2:702
198.231.82/24 OCHOSP-NET-3 C:CA 1:701 2:702
198.231.83/24 OCHOSP-NET-4 C:CA 1:701 2:702
198.231.84/24 OCHOSP-NET-5 C:CA 1:701 2:702
198.231.85/24 OCHOSP-NET-6 C:CA 1:701 2:702
198.231.86/24 OCHOSP-NET-7 C:CA 1:701 2:702
198.231.87/24 OCHOSP-NET-8 C:CA 1:701 2:702
198.231.88/24 NORTHYORK-LIB-C-231-8 C:CA 1:701 2:702
198.231.89/24 NORTHYORK-LIB-C-231-8 C:CA 1:701 2:702
198.231.90/24 NORTHYORK-LIB-C-231-9 C:CA 1:701 2:702
198.231.91/24 NORTHYORK-LIB-C-231-9 C:CA 1:701 2:702
198.231.92/24 NORTHYORK-LIB-C-231-9 C:CA 1:701 2:702
198.231.93/24 NORTHYORK-LIB-C-231-9 C:CA 1:701 2:702
198.231.94/24 NORTHYORK-LIB-C-231-9 C:CA 1:701 2:702
198.231.95/24 NORTHYORK-LIB-C-231-9 C:CA 1:701 2:702
198.231.99/24 HUMMINGBIRD C:CA 1:701 2:702
198.252.165/24 DILAN-C-252-165 C:US 1:1800 2:1240
199.0.70/24 CHARMNET C:US 1:1800 2:1240
199.2.50/24 DTG-C-2-50 C:US 1:1240 2:1800
199.2.51/24 DTG-C-2-51 C:US 1:1240 2:1800
199.33.183/24 GNO-DESIGN C:US 1:1225 2:267 3:266 4:555
199.45.128/24 COOP-NET-C-45-128 C:US 1:1240 2:1800
199.45.129/24 COOP-NET-C-45-129 C:US 1:1240 2:1800
199.45.131/24 COOP-NET-C-45-131 C:US 1:1240 2:1800
199.45.132/24 COOP-NET-C-45-132 C:US 1:1240 2:1800
199.45.133/24 COOP-NET-C-45-133 C:US 1:1240 2:1800
199.45.134/24 COOP-NET-C-45-134 C:US 1:1240 2:1800
199.45.135/24 COOP-NET-C-45-135 C:US 1:1240 2:1800
199.45.136/24 COOP-NET-C-45-136 C:US 1:1240 2:1800
199.45.199/24 COOP-NET-C-45-199 C:US 1:1240 2:1800
199.97.186/24 PSINET-C5-186 C:US 1:2149 2:174
199.97.188/24 PSINET-C5-188 C:US 1:2149 2:174
199.97.189/24 PSINET-C5-189 C:US 1:2149 2:174
199.97.190/24 PSINET-C5-190 C:US 1:2149 2:174
202.40.138/24 USTHK-NETC-C-40-138 C:HK 1:372 2:297
202.40.139/24 USTHK-NETC-C-40-139 C:HK 1:372 2:297
Deletions:
<none>
Expanded listing, sorted by country, then by organization:
==========================================================
Belgium
-------
Telecom Finland International, Brussels, BELGIUM
1:1800 ICM-Atlantic
2:1879 EUROPE-RS
3:1133 CERN/DANTE
4:1240 ICM-Pacific
-------------
192.194.25/24 TELE-BRU (BE)
Canada
------
Champlain Regional College, 900 Riverside Drive, St. Lambert, Quebec, J4P
3P2, CANADA
1:701 Alternet
2:702 Alternet
--------------
198.168.102/24 CHAMPLAIN-NET-0 (CA)
198.168.103/24 CHAMPLAIN-NET-01 (CA)
Communications Accessibles Montreal Inc., 9025 Boul. Rivard, Brossard,
Quebec, J4X 1V5, CANADA
1:701 Alternet
2:702 Alternet
--------------
198.168.100/24 CAM-NET-1 (CA)
198.168.101/24 CAM-NET-2 (CA)
Hummingbird Communications Ltd., 2900 John St., Unit 4, Markham, ON, L3R
5G3, CANADA
1:701 Alternet
2:702 Alternet
-------------
198.231.99/24 HUMMINGBIRD (CA)
North York Public Library, 120 Martin Ross Ave., North York, ON, M3J 2L4,
CANADA
1:701 Alternet
2:702 Alternet
-------------
198.231.76/24 NORTHYORK-LIB-1 (CA)
198.231.77/24 NORTHYORK-LIB-2 (CA)
198.231.88/24 NORTHYORK-LIB-C-231-8 (CA)
198.231.89/24 NORTHYORK-LIB-C-231-8 (CA)
198.231.90/24 NORTHYORK-LIB-C-231-9 (CA)
198.231.91/24 NORTHYORK-LIB-C-231-9 (CA)
198.231.92/24 NORTHYORK-LIB-C-231-9 (CA)
198.231.93/24 NORTHYORK-LIB-C-231-9 (CA)
198.231.94/24 NORTHYORK-LIB-C-231-9 (CA)
198.231.95/24 NORTHYORK-LIB-C-231-9 (CA)
Ottawa Civic Hospital, 1053 Carling Avenue, Ottawa, ON, K1Y 4E9, CANADA
1:701 Alternet
2:702 Alternet
-------------
198.231.80/24 OCHOSP-NET (CA)
198.231.81/24 OCHOSP-NET-2 (CA)
198.231.82/24 OCHOSP-NET-3 (CA)
198.231.83/24 OCHOSP-NET-4 (CA)
198.231.84/24 OCHOSP-NET-5 (CA)
198.231.85/24 OCHOSP-NET-6 (CA)
198.231.86/24 OCHOSP-NET-7 (CA)
198.231.87/24 OCHOSP-NET-8 (CA)
Sterling Software, Suite 500, 36 Antares Drive, Nepean, ON, K2E 7W5, CANADA
1:701 Alternet
2:702 Alternet
-------------
198.231.72/24 STERLING-OTT (CA)
Czech Republic
--------------
Secondary Librarian School, Za zelenou liskou 350, Prague 4, 140 00, CZECH
REPUBLIC
1:1800 ICM-Atlantic
2:1133 CERN/DANTE
3:1240 ICM-Pacific
------------
193.84.92/24 LIB2ND (CZ)
Finland
-------
EUnet Finland, Punavuorenkatu 1, FI-00120 HELSINKI, FINLAND
1:701 Alternet
2:1800 ICM-Atlantic
-----------
193.66.8/24 EUNET13 (FI)
193.66.9/24 EUNET14 (FI)
Hameen Ammattikorkeakoulu, Jaakonkatu 28, FI-13100 HAMEENLINNA, FINLAND
1:701 Alternet
2:1800 ICM-Atlantic
--------------
193.184.113/24 HAMKK-NET2 (FI)
193.184.114/24 HAMKK-NET3 (FI)
193.184.115/24 HAMKK-NET4 (FI)
193.184.116/24 HAMKK-NET6 (FI)
193.184.117/24 HAMKK-NET6 (FI)
193.184.118/24 HAMKK-NET7 (FI)
193.184.119/24 HAMKK-NET8 (FI)
France
------
SITE EUROLANG, 2, rue Louis Pergaud, F-94700 Maisons-Alfort, FRANCE
1:701 Alternet
2:1800 ICM-Atlantic
------------
193.104.2/24 FR-SITE (FR)
Germany
-------
GTC Communication GmbH, Alexanderstrasse 79, D-70182 Stuttgart, GERMANY
1:1324 ANS New York City - DNSS 35
2:1800 ICM-Atlantic
3:1240 ICM-Pacific
4:1133 CERN/DANTE
-------------
193.141.26/24 GTCNET2 (DE)
Mummert und Partner Unternehmensberatung GmbH, Neue Weyerstr. 6, D-50676
Koeln, GERMANY
1:1324 ANS New York City - DNSS 35
2:1800 ICM-Atlantic
3:1240 ICM-Pacific
4:1133 CERN/DANTE
-------------
193.26.248/24 MUP-NET-WIESBADEN (DE)
193.26.252/24 MUP-NET-DATEXP (DE)
Hong Kong
---------
The Hong Kong University of Science & Technology, Clear Water Bay Road, Sai
Kung, HONG KONG
1:372 Nasa Science Network (FIX-West)
2:297 Nasa Science Network (FIX-East)
-------------
202.40.138/24 USTHK-NETC-C-40-138 (HK)
202.40.139/24 USTHK-NETC-C-40-139 (HK)
Israel
------
Center for Technological Education Holon, POB 305, 52 Golomb St, Holon,
90940, ISRAEL
1:2149 PSINET-2
2:174 NYSERNet Regional Network / PSI
3:1800 ICM-Atlantic
4:1240 ICM-Pacific
5:1133 CERN/DANTE
------------
192.114.5/24 ILCTEHOL-NET (IL)
Ubique Ltd., Gruss Building, Weizmann Institute Campus, Rehovot, 76100,
ISRAEL
1:2149 PSINET-2
2:174 NYSERNet Regional Network / PSI
3:1800 ICM-Atlantic
4:1240 ICM-Pacific
5:1133 CERN/DANTE
--------------
192.114.166/24 UBIQUE-NET (IL)
Yeshivat Har Etzion, Alon Shevut, Gush Etzion, 90940, ISRAEL
1:2149 PSINET-2
2:174 NYSERNet Regional Network / PSI
3:1800 ICM-Atlantic
4:1240 ICM-Pacific
5:1133 CERN/DANTE
--------------
192.114.167/24 ETZION-NET (IL)
Japan
-----
Oki Electric Industry Company, Ltd., 3-B23, Nakase 1-Chome, Mihama-ku,
Chiba-shi, Chiba, 261-01, JAPAN
1:2149 PSINET-2
2:174 NYSERNet Regional Network / PSI
----------
133.149/16 OKI-INTERNET (JP)
Netherlands
-----------
Hogeschool Midden Nederland, Utrecht, NETHERLANDS
1:1800 ICM-Atlantic
2:1133 CERN/DANTE
3:1674 CERN/DANTE
4:1240 ICM-Pacific
---------
145.75/16 HMN-UTRECHT (NL)
KNP Leykam, Erasmusdomein 50, NL-6229 BC Maastricht, NETHERLANDS
1:701 Alternet
2:1800 ICM-Atlantic
----------
138.205/16 KNP-NET (NL)
Norway
------
Corena AS, Postboks 1024, N-3601 Kongsberg, NORWAY
1:701 Alternet
2:1800 ICM-Atlantic
------------
193.69.44/24 CORENA-ASKER (NO)
193.69.46/24 CORENA-KONGSBERG (NO)
EUnet Norway, Forskningsparken, Gaustadallen 21, N-0371 Oslo, NORWAY
1:701 Alternet
2:1800 ICM-Atlantic
-----------
193.71.7/24 EUNET-NO-KONGSBERG (NO)
Poland
------
Kancelaria Senatu RP, Wiejska 6, 00-902 Warszawa, POLAND
1:1800 ICM-Atlantic
2:1879 EUROPE-RS
3:1133 CERN/DANTE
4:1240 ICM-Pacific
-------------
193.59.124/24 SENAT-GOV-PL (PL)
Research and Academic Networks in Poland, Bartycka 18, 00-716 Warsaw,
POLAND
1:1800 ICM-Atlantic
2:1879 EUROPE-RS
3:1133 CERN/DANTE
4:1240 ICM-Pacific
-------------
193.59.204/24 NASK-LOCAL-NET (PL)
Wimal Int., Sniadeckich 17, 00-654 Warszawa, POLAND
1:1800 ICM-Atlantic
2:1879 EUROPE-RS
3:1133 CERN/DANTE
4:1240 ICM-Pacific
-------------
193.59.131/24 WIMAL-LAN (PL)
Russian Federation
------------------
Astro Space Center, 84/32 Psofsouznja St, Moscow, RUSSIAN FEDERATION
1:297 Nasa Science Network (FIX-East)
2:372 Nasa Science Network (FIX-West)
------------
193.232.3/24 ASC-LAN-C-232-3 (RU)
Institute of Applied Mathematics, 84/32 Psofsouznja St, Moscow, RUSSIAN
FEDERATION
1:297 Nasa Science Network (FIX-East)
2:372 Nasa Science Network (FIX-West)
------------
193.232.4/24 ASC-LAN-C-232-4 (RU)
Russian Space Research Institute, 84/32 Psofsouznja St, Moscow, RUSSIAN
FEDERATION
1:297 Nasa Science Network (FIX-East)
2:372 Nasa Science Network (FIX-West)
------------
193.232.0/24 RSSI-INTERCONECT (RU)
193.232.8/24 IKI-LAN (RU)
Sweden
------
Central Board of National Antiques, Box 5404, S-114 84 Stockholm, SWEDEN
1:1800 ICM-Atlantic
2:1879 EUROPE-RS
3:1133 CERN/DANTE
4:1240 ICM-Pacific
------------
193.10.40/24 SE-CBNA (SE)
United Kingdom
--------------
Taylor and Francis, Rankine Road, Basingstoke, Hants, RG24 8PR, Great
Britain, UNITED KINGDOM
1:701 Alternet
2:1800 ICM-Atlantic
--------------
193.117.118/24 TANDF-NET-C-117-118 (GB)
193.117.119/24 TANDF-NET-C-117-119 (GB)
United States
-------------
Air Force Academy School District 20, Mountain View Elementary, 1655 Spring
Crest Rd., Colorado Springs, CO 80920,
USA
1:209 Westnet Regional Network (Colorado Attachment) - ENSS 141
2:210 Westnet Regional Network (Utah Attachment) - ENSS 142
--------------
192.195.201/24 MV-D20 (US)
Ameritech Advanced Data Services, 339 E. Liberty, Suite 300, Ann Arbor, MI
48104, USA
1:237 MichNet (MERIT)
2:233 UMnet (University of Michigan)
3:266 CICNET at MERIT
4:267 CICNET at UIUC
5:1225 CICNET at Argonne Labs
-------------
198.111.96/24 AADSNET1 (US)
198.111.97/24 AADSNET2 (US)
Austin Convention Center, 500 E. First Street, Austin, TX 78701, USA
1:114 SESQUINET Regional Network
--------------
198.148.149/24 AUS-CONV-CTR (US)
Boeing Computer Support Services, P.O. Box 9022, Huntsville, AL 35812, USA
1:297 Nasa Science Network (FIX-East)
2:372 Nasa Science Network (FIX-West)
-------------
192.112.22/24 PSCNI-NETS2 (US)
CICNet, Inc., 2901 Hubbard Rd, Ann Arbor, MI 48105, USA
1:266 CICNET at MERIT
2:1225 CICNET at Argonne Labs
3:267 CICNET at UIUC
-------------
198.87.254/24 CICNET-C-87-254 (US)
California Academy of Sciences, Golden Gate Park, San Francisco, CA 94118,
USA
1:200 BARRNet
2:201 BARRNet
------------
198.31.75/24 CALACAD2-C-31-75 (US)
198.31.76/24 CALACAD2-C-31-76 (US)
198.31.77/24 CALACAD2-C-31-77 (US)
198.31.78/24 CALACAD2-C-31-78 (US)
Central Oregon Community College, 2600 NW College Way, Bend, OR 97701, USA
1:685 NorthWestNet Regional Network
2:73 NorthWestNet Regional Network
3:101 NorthWestNet Regional Network
--------------
192.220.226/24 COCC-NET3 (US)
Charm Net, 2228 E. Lombard Street, Baltimore, MD 21231, USA
1:1800 ICM-Atlantic
2:1240 ICM-Pacific
-----------
199.0.70/24 CHARMNET (US)
Colorado Internet Cooperative Association, 1495 Canyon Blvd. Suite 35,
Boulder, CO 80302, USA
1:1240 ICM-Pacific
2:1800 ICM-Atlantic
-------------
199.45.128/24 COOP-NET-C-45-128 (US)
199.45.129/24 COOP-NET-C-45-129 (US)
199.45.131/24 COOP-NET-C-45-131 (US)
199.45.132/24 COOP-NET-C-45-132 (US)
199.45.133/24 COOP-NET-C-45-133 (US)
199.45.134/24 COOP-NET-C-45-134 (US)
199.45.135/24 COOP-NET-C-45-135 (US)
199.45.136/24 COOP-NET-C-45-136 (US)
199.45.199/24 COOP-NET-C-45-199 (US)
Computing Engineers Incorporated, P.O. Box 285, Vernon Hills, IL
60061-0285, USA
1:1800 ICM-Atlantic
2:1240 ICM-Pacific
-------------
198.49.174/24 WWA (US)
Critical Technologies Inc., 311 Turner Street, Utica, NY 13501, USA
1:1326 ANS Hartford - DNSS 51
------------
198.80.44/24 BORG-NET1 (US)
198.80.45/24 BORG-NET2 (US)
DILAN, P.O. Box 159, Hickory, NC 28603, USA
1:1800 ICM-Atlantic
2:1240 ICM-Pacific
--------------
198.252.165/24 DILAN-C-252-165 (US)
Data Transfer Group, 2251 San Diego Ave., Suite A-141, San Diego, CA 92110,
USA
1:1240 ICM-Pacific
2:1800 ICM-Atlantic
-----------
199.2.50/24 DTG-C-2-50 (US)
199.2.51/24 DTG-C-2-51 (US)
Department of Information Technology, 110 South 7th Street -- 3rd Floor,
Richmond, VA 23219, USA
1:1800 ICM-Atlantic
2:1240 ICM-Pacific
----------
165.176/16 COVANET (US)
166.67/16 COVANET-B2 (US)
DiviCom, Inc., 580 Cottonwood Drive, Milpitas, CA 95035, USA
1:2149 PSINET-2
2:174 NYSERNet Regional Network / PSI
-------------
199.97.190/24 PSINET-C5-190 (US)
Honeywell Space Systems, 13350 U.S. Highway 19 N, Clearwater, FL
34624-7290, USA
1:1225 CICNET at Argonne Labs
2:267 CICNET at UIUC
3:266 CICNET at MERIT
4:555 Minnesota Supercomputer Center Network (MSCNet)
-------------
199.33.183/24 GNO-DESIGN (US)
IBM Corporation, Bldg. 9J36 Glendale Lab, Endicott, NY 13760, USA
1:701 Alternet
2:702 Alternet
----------
198.5.4/24 IBMNY (US)
InterCap Graphics Systems, 116 Defense Way, Suite 400, Annapolis, MD 21401,
USA
1:2149 PSINET-2
2:174 NYSERNet Regional Network / PSI
-------------
199.97.189/24 PSINET-C5-189 (US)
Minnesota Regional Network, 511 11th Ave. S., Minneapolis, MN 55415, USA
1:1225 CICNET at Argonne Labs
2:267 CICNET at UIUC
3:266 CICNET at MERIT
4:555 Minnesota Supercomputer Center Network (MSCNet)
------------
198.174.1/24 ANOKACO1 (US)
198.174.2/24 ANOKACO2 (US)
198.174.3/24 ANOKACO3 (US)
198.174.4/24 ANOKACO4 (US)
198.174.5/24 ANOKACO5 (US)
Myco Pharmaceuticals, One Kendall Square, Building 300, Cambridge, MA
02139-1562, USA
1:560 NEARnet Regional Network
2:701 Alternet
--------------
198.113.186/24 MYCO1 (US)
NCS Business Systems, 4401 W. 76th Street, Edina, MN 55435, USA
1:1800 ICM-Atlantic
2:1240 ICM-Pacific
----------
159.182/16 NCSIMAGING (US)
NETCOM, 4000 Moorpark Ave #209, San Jose, CA 95117, USA
1:2551 NETCOM
-------------
192.159.12/24 NETCOM27 (US)
Northern Michigan University, 9C Cohodas Admin Center, Marquette, MI 49855,
USA
1:237 MichNet (MERIT)
2:233 UMnet (University of Michigan)
3:266 CICNET at MERIT
4:267 CICNET at UIUC
5:1225 CICNET at Argonne Labs
--------------
198.110.196/24 NMU-C-110-196 (US)
198.110.197/24 NMU-C-110-197 (US)
198.110.198/24 NMU-C-110-198 (US)
OGI Telecomm, 19545 NW Von Neumann Dr. Suite 190, Beaverton, OR 97006, USA
1:685 NorthWestNet Regional Network
2:73 NorthWestNet Regional Network
3:101 NorthWestNet Regional Network
------------
198.107.0/24 OGIT-NET-C-107-0 (US)
198.107.1/24 OGIT-NET-C-107-1 (US)
198.107.2/24 OGIT-NET-C-107-2 (US)
198.107.3/24 OGIT-NET-C-107-3 (US)
198.107.4/24 OGIT-NET-C-107-4 (US)
198.107.5/24 OGIT-NET-C-107-5 (US)
198.107.6/24 OGIT-NET-C-107-6 (US)
198.107.7/24 OGIT-NET-C-107-7 (US)
198.107.8/24 OGIT-NET-C-107-8 (US)
198.107.9/24 OGIT-NET-C-107-9 (US)
198.107.10/24 OGIT-NET-C-107-10 (US)
198.107.11/24 OGIT-NET-C-107-11 (US)
198.107.12/24 OGIT-NET-C-107-12 (US)
198.107.13/24 OGIT-NET-C-107-13 (US)
198.107.14/24 OGIT-NET-C-107-14 (US)
198.107.15/24 OGIT-NET-C-107-15 (US)
198.107.16/24 OGIT-NET-C-107-16 (US)
198.107.17/24 OGIT-NET-C-107-17 (US)
198.107.18/24 OGIT-NET-C-107-18 (US)
198.107.19/24 OGIT-NET-C-107-19 (US)
Order Processing Technologies, Inc., 971 Concord Street, Framingham, MA
01701, USA
1:701 Alternet
2:702 Alternet
------------
198.5.184/24 ROLLCIM-NET (US)
Parallax Graphics, Inc., 2500 Condensa Street, Santa Clara, CA 95051, USA
1:200 BARRNet
2:201 BARRNet
--------------
192.216.186/24 PARALLAX-C-216-186 (US)
Peterson's Guides, 202 Carnegie Center, Princeton, NJ 08543-2123, USA
1:2149 PSINET-2
2:174 NYSERNet Regional Network / PSI
-------------
199.97.188/24 PSINET-C5-188 (US)
PowerHouse Systems, Inc., 123 Saginaw Drive, Redwood City, CA 94063, USA
1:701 Alternet
2:702 Alternet
------------
198.5.104/24 POWERHOUSE1 (US)
198.5.105/24 POWERHOUSE2 (US)
198.5.106/24 POWERHOUSE3 (US)
198.5.107/24 POWERHOUSE4 (US)
Rancho Santiago College, 17th At Bristol, Santa Ana, CA 92706, USA
1:2150 CSUNET-SW
2:200 BARRNet
3:201 BARRNet
--------------
192.104.166/24 RSC-NET (US)
192.189.45/24 RSC-NET2 (US)
192.189.46/24 RSC-NET3 (US)
192.189.47/24 RSC-NET4 (US)
192.189.48/24 RSC-NET5 (US)
Red Brick Systems, 485 Alberto Way, Los Gatos, CA 95032, USA
1:2149 PSINET-2
2:174 NYSERNet Regional Network / PSI
-------------
198.17.203/24 REDBRICKLG2 (US)
198.17.204/24 REDBRICKLG3 (US)
Roche Biomedical Laboratories, 1447 York Court, Burlington, NC 27215, USA
1:2149 PSINET-2
2:174 NYSERNet Regional Network / PSI
----------
162.134/16 ROCHE-BIOMED (US)
State of Montana, Sam Mitchell Building, Helena, MT 59620, USA
1:1800 ICM-Atlantic
2:1240 ICM-Pacific
--------
161.7/16 MT-GOV (US)
Systems Design, Inc., 16910 Westview Ave, South Holland, IL 60473, USA
1:2149 PSINET-2
2:174 NYSERNet Regional Network / PSI
-------------
199.97.186/24 PSINET-C5-186 (US)
The Proctor and Gamble Co, P.O. Box 599, Cincinnati, OH 45201, USA
1:600 OARNET, Cleveland, OH
-------------
192.44.150/24 PGXPRES-C-44-150 (US)
Westnet, 3645 Marine Street, U. of Colorado, Boulder, CO 80309-0455, USA
1:1800 ICM-Atlantic
2:1240 ICM-Pacific
3:209 Westnet Regional Network (Colorado Attachment) - ENSS 141
4:210 Westnet Regional Network (Utah Attachment) - ENSS 142
-------------
198.59.209/24 WESTNET-C-59-209 (US)
==========================================================
The following Midlevel/Regional peering sessions have also been added:
AS 3388 - UNM-AS - ENSS 191
Peer: 129.24.8.158 - University of New Mexico, 1824 Las Lomas,
Albuquerque, NM 87131, USA - eval30.unm.edu
==========================================================
The configuration reports which reflect today's update will be
available for anonymous ftp on nic.merit.edu by 08:00 EST :
configuration reports --
nic.merit.edu:nsfnet/announced.networks:
as-as.now as-gw.now ans_core.now country.now net-comp.now
nets.doc nets.tag.now nets.unl.now
NSS routing software configuration files --
nic.merit.edu:nsfnet/backbone.configuration:
nss<NSS number>.t3p
Information is also avaiable through the PRDB whois server. Type
"whois -h prdb.merit.edu help" for details.
--------------------------------------------------------------------------
Please send all requests for configuration changes to nsfnet-admin(a)merit.edu
using the NSFNET configuration forms. The forms are available on-line
from the nic.merit.edu machine. Use ftp and the anonymous login to get on the
machine. Do a "cd nsfnet/announced.networks" and get the files template.net,
template.net.README, template.gate, and template.as.
In order to more efficiently process your requests, we have moved to a
system which requires the use of template.net (NACR) version 7.0
*******************************
--Steve Widmayer Merit/NSFNET skw(a)merit.edu
--Enke Chen Merit/NSFNET enke(a)merit.edu
--Steven J. Richardson Merit/NSFNET sjr(a)merit.edu
1
0
Jane,
I don't know whether this is a bug or a feature, but your proposed
The Network Operations Forum of North America
could be abbreviated NOFNA and almost rhymes with NAFTA. If this connotes
a constructive effort to 'glue' networking within North America, then it
might be right. *And* it doesn't require congressional approval.
-- Guy
1
0
For all you really old IBMers:
Congress of Northamerican Operations Providers = CNOP
1
0
Hi
Scott and I have been working on trying to solve the whois problem involving
the network entites that we register and delegate to others. Our data is
heirarchical in nature and can be easily "referred" to other sites for the
particular record or additional information.
We have created a referral server and client (aka RWhois) to show this concept
and to get your comments on whether we should continue carrying on with this
idea. An alpha release of the RWhois client and server is available via
anonymous ftp from rs.internic.net as /pub/rwhois/rwhois-B0.1.tar.Z. It
contains the source for the rwhois server; the rwhois client; a partial,
edited copy of the freeWAIS-0.1 distribution; and an example data directory
that you can bring up the rwhois server quickly.
Both the client and server are in the Alpha stages and things will be
changing as we continue to develop this idea (some are listed below). If you
are interested and/or want to get announcements for the latest and greatest
versions, please join the rwhois(a)internic.net mailing list. To join,
send a request to:
rwhois-request(a)internic.net.
If you experience any bugs, send a note to the RWhois development team:
rwhois-bugs(a)internic.net
Things that will be added/changed in releases in the very near future:
Additional client-to-server commands:
- soa (gives soa and update information and where to send templates)
- badref (bad reference)
- recurref (recursive reference found)
- holdconnect (hold connection for interactive queries)
Additional client options:
- use of client-to-server commands
- better handling of server-to-client commands
Configuration details:
- Currently the configuration defaults to slam.internic.net port 3636 on
your particular queries. THIS WILL CHANGE to rs.internic.net port 4343
with the full-blown database (I want my IPC back!).
- The data is a SUBSET of the actual whois data. Do a -xfer to
see what data is in each RWhois server to test (a set is also in
the RWhois draft rs.internic.net:/pub/rwhois/draft-rwhois-00.txt.)
- To see examples of how RWhois works, look at the EXAMPLES file
(rs.internic.net:/pub/rwhois/EXAMPLES.
Addititional Documentation Coming:
- RWhois protocol specification
- RWhois client documentation
- RWhois server documentation
Also in the archive, we have a set of examples along with explanations
of what is happening in /pub/rwhois/EXAMPLES.
We hope you will examine and experiment with RWhois. Please send your comments
to rwhois(a)internic.net. We would like to hear from you!
Thanks for your time,
Mark
1
0
Hello, i realize that it's off-topic but still think the
following message which was forwarded to me by my friend
can be of interest to Internet service providers.
(I also recently heard something about IIA.ORG and
credit card numbers).
Personally i consider attempts to gain "exclusive right
to resell internet services" by bureaucratic means as
highly anti-social and suggest the Internet community to
react accordingly.
--vadim
SprintLink Engineering
[RELCOM is Russian Electronic Communications -- the national
UUCP and TCP/IP network].
------FORWARDED MESSAGE-----
> Hello Alex, my name is Charles Maslin. I heard through the net that
> you are involved with RELCOM and was wondering if you could mail me so
> information about it. I am the Vice President of International
> Operations at IDN (International Digital Networks). My company is
> interested in bringing internet connectivity to anyone who wants it
> and will give a free node to any nation that has no internet connectivity at
> no cost to that nation. The only thing we ask for in return is the
> right to resell internet services in that country on an exclusive
> basis for 10 years. The resale rates will be set by bilateral
> negotiation between IDN and the government of the country.
> The benefits to countries that don't have internet services
> are numerous. We supply the hardware and support services and they
> pay a nominal charge for access without having to pay any long
> distance charges. For countries that already have internet
> connectivity, we will supply a node at a very competitive price. If
> you think that RELCOM and IDN may have some synergy please contact me.
> Thank you and be well.
> Charles Maslin
> maslin(a)iia.org
> (201)928-1000 (work)
> (201)626-4771 (home)
1
0
I agree that the regional-techs group cannot set policy on who is or isn't
a provider or who does or doesn't get address space. However, I think they
can talk about these issues and make recommendations on what should be done.
In fact I think it is important that they do so. The sooner the better.
It seems that the right way to make "policy" is to take recommendations,
write an RFC and go through that entire process with the whole business
finally endorsed by the IAB. Should try to get other groups to endorse
the RFC as well (FARNET, the US Federal policy group the name of which
I can never keep straight, the folks in Europe, ...). My guess is that
if we can come up with a reasoanble policy that most folks in the Internet
will follow it.
-Jeff Ogden
Merit/MichNet
3
2
The following changes have been made to the NSFNET policy-based routing
database and will be installed on the backbone by 08:00 EST :
Total = */8 + */16 + */24 + Other
Configured Networks 23843 = 28 4361 19454 0
Added Networks 199 = 0 8 191 0
Deleted Networks 15 = 0 0 15 0
IP address Net name Country Priority:AS
---------- -------- ------- -----------
143.91/16 GTETELOPS-LAN C:US 1:560 2:701
146.69/16 CALCOMP1 C:US 1:1740
147.211/16 AUSTCONSERV C:AU 1:372 2:297
158.89/16 WOODSIDE C:AU 1:372 2:297
162.15/16 CPUC C:US 1:200 2:201
162.30/16 RGHNET C:US 1:2149 2:174
163.134/16 HIMEJI-DU C:JP 1:1240 2:1800
167.30/16 NET-WASCANNET C:AU 1:372 2:297
192.42.200/24 LUNET-NET21 C:CH 1:1133 2:1674 3:1800
192.70.40/24 FNET-ESE-REN C:FR 1:1800 2:1240 3:1133 4:1674
192.87.18/24 SURF-LAN C:NL 1:1800 2:1133 3:1674 4:1240
192.87.120/24 VSNU C:NL 1:1800 2:1133 3:1674 4:1240
192.87.121/24 ESDNET C:NL 1:1800 2:1133 3:1674 4:1240
192.87.123/24 ING-IP-NET C:NL 1:1800 2:1133 3:1674 4:1240
192.91.241/24 CERN-CNET28 C:CH 1:1133 2:1800 3:1240
192.133.124/24 GTE-GSC-NCS1 C:US 1:86 2:279
192.134.157/24 FNET-IUT-TLS C:FR 1:1800 2:1240 3:1133 4:1674
192.189.102/24 RSEN C:US 1:204 2:1206
192.207.226/24 ENMU-2 C:US 1:209 2:210
193.4.252/24 IS-KEANET C:IS 1:1800 2:1879 3:1133 4:1240
193.10.79/24 SE-GU C:SE 1:1800 2:1879 3:1133 4:1240
193.28.52/24 SYSPART-NET-C-28-52 C:DE 1:1324 2:1800 3:1240 4:1133
193.28.53/24 SYSPART-NET-C-28-53 C:DE 1:1324 2:1800 3:1240 4:1133
193.48.28/24 UNIV-CORSE01 C:FR 1:1800 2:1240 3:1133 4:1674
193.48.219/24 ROCAD-ROCKF3 C:FR 1:1133 2:1800 3:1240
193.49.100/24 LYON3-MANU C:FR 1:1800 2:1240 3:1133 4:1674
193.49.101/24 LYON3-QUAI C:FR 1:1800 2:1240 3:1133 4:1674
193.49.122/24 FR-CESDY C:FR 1:1800 2:1240 3:1133 4:1674
193.49.137/24 FR-NANCY-CDM C:FR 1:1800 2:1240 3:1133 4:1674
193.50.193/24 FR-UVHC2 C:FR 1:1800 2:1240 3:1133 4:1674
193.54.192/24 FR-ESEREN2 C:FR 1:1800 2:1240 3:1133 4:1674
193.54.193/24 FR-ESEREN3 C:FR 1:1800 2:1240 3:1133 4:1674
193.54.194/24 FR-ESEREN4 C:FR 1:1800 2:1240 3:1133 4:1674
193.54.220/24 ROCAD-ROCKF4 C:FR 1:1133 2:1800 3:1240
193.54.228/24 FR-CERCO C:FR 1:1800 2:1240 3:1133 4:1674
193.55.144/24 FR-OBSNANCAY C:FR 1:1800 2:1240 3:1133 4:1674
193.55.254/24 FR-ILLECOT C:FR 1:1800 2:1240 3:1133 4:1674
193.56.4/24 FR-BRGM-ORL1 C:FR 1:1800 2:1240 3:1133 4:1674
193.56.5/24 FR-BRGM-ORL2 C:FR 1:1800 2:1240 3:1133 4:1674
193.56.6/24 FR-BRGM-ORL3 C:FR 1:1800 2:1240 3:1133 4:1674
193.56.7/24 FR-BRGM-ORL4 C:FR 1:1800 2:1240 3:1133 4:1674
193.73.204/24 ACTIVE C:CH 1:701 2:1800
193.84.180/24 VSZBR-B-C-84-180 C:CZ 1:1800 2:1133 3:1240
193.84.181/24 VSZBR-B-C-84-181 C:CZ 1:1800 2:1133 3:1240
193.84.182/24 VSZBR-B-C-84-182 C:CZ 1:1800 2:1133 3:1240
193.84.183/24 VSZBR-B-C-84-183 C:CZ 1:1800 2:1133 3:1240
193.136.51/24 INESCP-NET-SUPER C:PT 1:1800 2:1133 3:1240
193.140.25/24 9EYLUL-NET-C-140-25 C:TR 1:1800 2:1240
193.140.26/24 9EYLUL-NET-C-140-26 C:TR 1:1800 2:1240
193.140.27/24 9EYLUL-NET-C-140-27 C:TR 1:1800 2:1240
193.141.1/24 PEM-CEBIT C:DE 1:1324 2:1800 3:1240 4:1133
193.216.4/24 NO-DATAMETRIX1 C:NO 1:1800 2:1879 3:1133 4:1240
193.227.3/24 EUN-C-227-3 C:EG 1:1800 2:1240 3:1133 4:1674
193.227.4/24 EUN-C-227-4 C:EG 1:1800 2:1240 3:1133 4:1674
193.227.30/24 EUN-C-227-30 C:EG 1:1800 2:1240 3:1133 4:1674
193.227.31/24 EUN-C-227-31 C:EG 1:1800 2:1240 3:1133 4:1674
193.233.5/24 UNICOR-HQ-LAN C:RU 1:1800 2:1240
194.12.128/24 CERN-C-12-128 C:CH 1:1133 2:1800 3:1240
194.12.129/24 CERN-C-12-129 C:CH 1:1133 2:1800 3:1240
194.12.130/24 CERN-C-12-130 C:CH 1:1133 2:1800 3:1240
194.12.131/24 CERN-C-12-131 C:CH 1:1133 2:1800 3:1240
194.12.132/24 CERN-C-12-132 C:CH 1:1133 2:1800 3:1240
194.12.133/24 CERN-C-12-133 C:CH 1:1133 2:1800 3:1240
194.12.134/24 CERN-C-12-134 C:CH 1:1133 2:1800 3:1240
194.12.135/24 CERN-C-12-135 C:CH 1:1133 2:1800 3:1240
194.41.0/24 DANTE-NL-US C:NL 1:1800 2:1133 3:1674 4:1240
198.6.3/24 SHEPS C:US 1:701 2:702
198.6.14/24 MURPHNET2 C:US 1:701 2:702
198.6.15/24 BALR-NET C:US 1:701 2:702
198.27.51/24 JSC-B30S51 C:US 1:771 2:372 3:297
198.30.208/24 OAR208 C:US 1:600
198.36.17/24 SCSDNET17 C:US 1:2149 2:174
198.36.18/24 SCSDNET18 C:US 1:2149 2:174
198.36.19/24 SCSDNET19 C:US 1:2149 2:174
198.36.20/24 SCSDNET20 C:US 1:2149 2:174
198.36.21/24 SCSDNET21 C:US 1:2149 2:174
198.36.22/24 SCSDNET22 C:US 1:2149 2:174
198.36.23/24 SCSDNET23 C:US 1:2149 2:174
198.36.24/24 SCSDNET24 C:US 1:2149 2:174
198.36.25/24 SCSDNET25 C:US 1:2149 2:174
198.36.26/24 SCSDNET26 C:US 1:2149 2:174
198.36.27/24 SCSDNET27 C:US 1:2149 2:174
198.62.192/24 SNS-NET1 C:US 1:2149 2:174
198.62.193/24 SNS-NET2 C:US 1:2149 2:174
198.62.194/24 SNS-NET3 C:US 1:2149 2:174
198.74.13/24 BUG-6 C:US 1:2149 2:174
198.76.85/24 NDU1-C-76-85 C:US 1:279
198.78.243/24 FLLIB-NET1 C:US 1:279 2:86
198.80.11/24 CSDCO-DMZ C:US 1:1332
198.92.131/24 NET-LIGHTSCAPE C:US 1:200 2:201
198.133.232/24 GCSI C:US 1:209 2:210
198.163.96/24 ISM-CA-MAN-C-163-96 C:CA 1:603 2:601 3:602
198.163.97/24 ISM-CA-MAN-C-163-97 C:CA 1:603 2:601 3:602
198.163.98/24 ISM-CA-MAN-C-163-98 C:CA 1:603 2:601 3:602
198.163.99/24 ISM-CA-MAN-C-163-99 C:CA 1:603 2:601 3:602
198.163.100/24 ISM-CA-MAN-C-163-100 C:CA 1:603 2:601 3:602
198.163.101/24 ISM-CA-MAN-C-163-101 C:CA 1:603 2:601 3:602
198.163.102/24 ISM-CA-MAN-C-163-102 C:CA 1:603 2:601 3:602
198.163.103/24 ISM-CA-MAN-C-163-103 C:CA 1:603 2:601 3:602
198.163.104/24 ISM-CA-MAN-C-163-104 C:CA 1:603 2:601 3:602
198.163.105/24 ISM-CA-MAN-C-163-105 C:CA 1:603 2:601 3:602
198.163.106/24 ISM-CA-MAN-C-163-106 C:CA 1:603 2:601 3:602
198.163.107/24 ISM-CA-MAN-C-163-107 C:CA 1:603 2:601 3:602
198.189.15/24 CSUNET-NORTH-C-189-15 C:US 1:2150 2:200 3:201
198.202.236/24 AVLNA C:US 1:2149 2:174
198.206.150/24 CSONET C:US 1:93
198.217.64/24 ALTABATES1 C:US 1:701 2:702
198.217.65/24 ALTABATES2 C:US 1:701 2:702
198.217.66/24 ALTABATES3 C:US 1:701 2:702
198.217.67/24 ALTABATES4 C:US 1:701 2:702
198.217.68/24 ALTABATES5 C:US 1:701 2:702
198.217.69/24 ALTABATES6 C:US 1:701 2:702
198.217.70/24 ALTABATES7 C:US 1:701 2:702
198.217.71/24 ALTABATES8 C:US 1:701 2:702
198.217.72/24 ALTABATES9 C:US 1:701 2:702
198.217.73/24 ALTABATES10 C:US 1:701 2:702
198.217.74/24 ALTABATES11 C:US 1:701 2:702
198.217.75/24 ALTABATES12 C:US 1:701 2:702
198.217.76/24 ALTABATES13 C:US 1:701 2:702
198.217.77/24 ALTABATES14 C:US 1:701 2:702
198.217.78/24 ALTABATES15 C:US 1:701 2:702
198.217.79/24 ALTABATES16 C:US 1:701 2:702
198.217.80/24 ALTABATES17 C:US 1:701 2:702
198.217.81/24 ALTABATES18 C:US 1:701 2:702
198.217.82/24 ALTABATES19 C:US 1:701 2:702
198.217.83/24 ALTABATES20 C:US 1:701 2:702
198.217.84/24 ALTABATES21 C:US 1:701 2:702
198.217.85/24 ALTABATES22 C:US 1:701 2:702
198.217.86/24 ALTABATES23 C:US 1:701 2:702
198.217.87/24 ALTABATES24 C:US 1:701 2:702
198.217.88/24 ALTABATES25 C:US 1:701 2:702
198.217.89/24 ALTABATES26 C:US 1:701 2:702
198.217.90/24 ALTABATES27 C:US 1:701 2:702
198.217.91/24 ALTABATES28 C:US 1:701 2:702
198.217.92/24 ALTABATES29 C:US 1:701 2:702
198.217.93/24 ALTABATES30 C:US 1:701 2:702
198.217.94/24 ALTABATES31 C:US 1:701 2:702
198.217.95/24 ALTABATES32 C:US 1:701 2:702
198.217.96/24 ALTABATES33 C:US 1:701 2:702
198.217.97/24 ALTABATES34 C:US 1:701 2:702
198.217.98/24 ALTABATES35 C:US 1:701 2:702
198.217.99/24 ALTABATES36 C:US 1:701 2:702
198.217.100/24 ALTABATES37 C:US 1:701 2:702
198.217.101/24 ALTABATES38 C:US 1:701 2:702
198.217.102/24 ALTABATES39 C:US 1:701 2:702
198.217.103/24 ALTABATES40 C:US 1:701 2:702
198.217.104/24 ALTABATES41 C:US 1:701 2:702
198.217.105/24 ALTABATES42 C:US 1:701 2:702
198.217.106/24 ALTABATES43 C:US 1:701 2:702
198.217.107/24 ALTABATES44 C:US 1:701 2:702
198.217.108/24 ALTABATES45 C:US 1:701 2:702
198.217.109/24 ALTABATES46 C:US 1:701 2:702
198.217.110/24 ALTABATES47 C:US 1:701 2:702
198.217.111/24 ALTABATES48 C:US 1:701 2:702
198.217.112/24 ALTABATES49 C:US 1:701 2:702
198.217.113/24 ALTABATES50 C:US 1:701 2:702
198.247.251/24 EXCHANGE-NET C:US 1:93
198.253.71/24 NCINET-C-253-71 C:US 1:22
198.253.72/24 NCINET-C-253-72 C:US 1:22
198.253.73/24 NCINET-C-253-73 C:US 1:22
198.253.74/24 NCINET-C-253-74 C:US 1:22
198.253.75/24 NCINET-C-253-75 C:US 1:22
198.253.76/24 NCINET-C-253-76 C:US 1:22
198.253.77/24 NCINET-C-253-77 C:US 1:22
198.253.78/24 NCINET-C-253-78 C:US 1:22
198.253.79/24 NCINET-C-253-79 C:US 1:22
198.253.118/24 NCINET-C-253-118 C:US 1:22
198.253.119/24 NCINET-C-253-119 C:US 1:22
198.253.120/24 NCINET-C-253-120 C:US 1:22
199.0.148/24 INFI-NET-C-0-148 C:US 1:1800 2:1240
199.0.149/24 INFI-NET-C-0-149 C:US 1:1800 2:1240
199.10.55/24 SAMHOU-ISR C:US 1:19 2:568
199.10.148/24 MIDAS C:US 1:19 2:568
199.10.149/24 C2DELNET2 C:US 1:19 2:568
199.33.243/24 ACES-2 C:US 1:1240 2:1800
199.35.15/24 CDCONNECTION C:US 1:2551
199.35.33/24 NEC-ELECTRONIC C:US 1:2551
199.79.152/24 VENTANA-NET C:US 1:1240 2:1800
199.97.28/24 PSINET-C5-28 C:US 1:2149 2:174
199.97.121/24 PSINET-C5-121 C:US 1:2149 2:174
199.97.162/24 PSINET-C5-162 C:US 1:2149 2:174
199.97.163/24 PSINET-C5-163 C:US 1:2149 2:174
199.97.180/24 PSINET-C5-180 C:US 1:2149 2:174
199.97.181/24 PSINET-C5-181 C:US 1:2149 2:174
199.97.182/24 PSINET-C5-182 C:US 1:2149 2:174
199.97.184/24 PSINET-C5 C:US 1:2149 2:174
199.97.196/24 PSINET-C-97-196 C:US 1:2149 2:174
199.97.197/24 PSINET-C-97-197 C:US 1:2149 2:174
202.14.66/24 WESTMEAD-2 C:AU 1:372 2:297
202.14.143/24 IPEXITG-C-14-143 C:AU 1:372 2:297
202.14.144/24 IPEXITG-C-14-144 C:AU 1:372 2:297
202.14.211/24 RBGSYD1 C:AU 1:372 2:297
202.14.212/24 RBGSYD2 C:AU 1:372 2:297
202.14.213/24 RBGSYD3 C:AU 1:372 2:297
202.14.214/24 RBGSYD4 C:AU 1:372 2:297
202.17.182/24 KCMNET C:JP 1:1240 2:1800
202.20.116/24 DIGICON-SG-C-20-116 C:SG 1:97
202.33.1/24 SADATA C:JP 1:2149 2:174
202.33.2/24 SSWNETJ C:JP 1:2149 2:174
Deletions:
--192.92.101/24 VLINK C:US 1:600
--192.149.34/24 ENG-NORSTAN C:US 1:600
--193.140.21/24 9EYLUL-NET-C-140-21 C:TR 1:1800 2:1240
--193.140.22/24 9EYLUL-NET-C-140-22 C:TR 1:1800 2:1240
--193.140.23/24 9EYLUL-NET-C-140-23 C:TR 1:1800 2:1240
--198.91.64/24 IC-SQUARED1 C:US 1:86 2:279
--198.91.65/24 IC-SQUARED2 C:US 1:86 2:279
--198.91.66/24 IC-SQUARED3 C:US 1:86 2:279
--198.91.67/24 IC-SQUARED4 C:US 1:86 2:279
--198.91.68/24 IC-SQUARED5 C:US 1:86 2:279
--198.91.69/24 IC-SQUARED6 C:US 1:86 2:279
--198.91.70/24 IC-SQUARED7 C:US 1:86 2:279
--198.91.71/24 IC-SQUARED8 C:US 1:86 2:279
--198.91.72/24 IC-SQUARED9 C:US 1:86 2:279
--198.91.73/24 IC-SQUARED10 C:US 1:86 2:279
Expanded listing, sorted by country, then by organization:
==========================================================
Australia
---------
Australian Construction Services, 313 Adelaide Street, Brisbane, QLD, 4000,
AUSTRALIA
1:372 Nasa Science Network (FIX-West)
2:297 Nasa Science Network (FIX-East)
----------
147.211/16 AUSTCONSERV (AU)
Bureau Services, Department of State Services,151 Royal Street, East Perth,
WA, 6004, AUSTRALIA
1:372 Nasa Science Network (FIX-West)
2:297 Nasa Science Network (FIX-East)
---------
167.30/16 NET-WASCANNET (AU)
Ipex ITG, Building 8A,Ipex Technology Park,George Street, Sandringham, VIC,
3191, AUSTRALIA
1:372 Nasa Science Network (FIX-West)
2:297 Nasa Science Network (FIX-East)
-------------
202.14.143/24 IPEXITG-C-14-143 (AU)
202.14.144/24 IPEXITG-C-14-144 (AU)
Royal Botanic Gardens, Sydney, Mrs Macquaries Road, Sydney, NSW, 2000,
AUSTRALIA
1:372 Nasa Science Network (FIX-West)
2:297 Nasa Science Network (FIX-East)
-------------
202.14.211/24 RBGSYD1 (AU)
202.14.212/24 RBGSYD2 (AU)
202.14.213/24 RBGSYD3 (AU)
202.14.214/24 RBGSYD4 (AU)
Westmead Hospital / University of Sydney, Dr C. Liddle,Department of
Medicine,Westmead Hospital, Westmead,
NSW, 2145, AUSTRALIA
1:372 Nasa Science Network (FIX-West)
2:297 Nasa Science Network (FIX-East)
------------
202.14.66/24 WESTMEAD-2 (AU)
Woodside Group of Co., 1 Adelaide Tce, Perth, WA, 6000, AUSTRALIA
1:372 Nasa Science Network (FIX-West)
2:297 Nasa Science Network (FIX-East)
---------
158.89/16 WOODSIDE (AU)
Canada
------
Information Systems Management Corporation, 400 Ellice Ave., Winnipeg, MB,
R3B 3M3, CANADA
1:603 CA*net in Quebec
2:601 CA*net in Toronto
3:602 CA*net in Montreal
-------------
198.163.96/24 ISM-CA-MAN-C-163-96 (CA)
198.163.97/24 ISM-CA-MAN-C-163-97 (CA)
198.163.98/24 ISM-CA-MAN-C-163-98 (CA)
198.163.99/24 ISM-CA-MAN-C-163-99 (CA)
198.163.100/24 ISM-CA-MAN-C-163-100 (CA)
198.163.101/24 ISM-CA-MAN-C-163-101 (CA)
198.163.102/24 ISM-CA-MAN-C-163-102 (CA)
198.163.103/24 ISM-CA-MAN-C-163-103 (CA)
198.163.104/24 ISM-CA-MAN-C-163-104 (CA)
198.163.105/24 ISM-CA-MAN-C-163-105 (CA)
198.163.106/24 ISM-CA-MAN-C-163-106 (CA)
198.163.107/24 ISM-CA-MAN-C-163-107 (CA)
Czech Republic
--------------
University of Agriculture, Computing Centre, Zemedelska 1, Brno, 616 00,
CZECH REPUBLIC
1:1800 ICM-Atlantic
2:1133 CERN/DANTE
3:1240 ICM-Pacific
-------------
193.84.180/24 VSZBR-B-C-84-180 (CZ)
193.84.181/24 VSZBR-B-C-84-181 (CZ)
193.84.182/24 VSZBR-B-C-84-182 (CZ)
193.84.183/24 VSZBR-B-C-84-183 (CZ)
Egypt
-----
Egyptian Universities Network, FRCU Computer Center, Supreme Council of
Universities, Cairo University, Giza,
EGYPT
1:1800 ICM-Atlantic
2:1240 ICM-Pacific
3:1133 CERN/DANTE
4:1674 CERN/DANTE
------------
193.227.3/24 EUN-C-227-3 (EG)
193.227.4/24 EUN-C-227-4 (EG)
193.227.30/24 EUN-C-227-30 (EG)
193.227.31/24 EUN-C-227-31 (EG)
France
------
BRGM - Bureau de Recherches Geologiques et Minieres, Avenue de Concyr, BP
6009, 45060 Orleans CEDEX 2, FRANCE
1:1800 ICM-Atlantic
2:1240 ICM-Pacific
3:1133 CERN/DANTE
4:1674 CERN/DANTE
-----------
193.56.4/24 FR-BRGM-ORL1 (FR)
193.56.5/24 FR-BRGM-ORL2 (FR)
193.56.6/24 FR-BRGM-ORL3 (FR)
193.56.7/24 FR-BRGM-ORL4 (FR)
CERCO - Cerveau et cognition - Faculte de medecine, 133 route de Narbonne,
31062 Toulouse CEDEX, FRANCE
1:1800 ICM-Atlantic
2:1240 ICM-Pacific
3:1133 CERN/DANTE
4:1674 CERN/DANTE
-------------
193.54.228/24 FR-CERCO (FR)
CNAM CESDY, 29 rue du Marechal Joffre, 78000 Versailles, FRANCE
1:1800 ICM-Atlantic
2:1240 ICM-Pacific
3:1133 CERN/DANTE
4:1674 CERN/DANTE
-------------
193.49.122/24 FR-CESDY (FR)
Centre du Medicament, Faculte de pharmacie, 30, rue Lionnois, 54000 Nancy,
FRANCE
1:1800 ICM-Atlantic
2:1240 ICM-Pacific
3:1133 CERN/DANTE
4:1674 CERN/DANTE
-------------
193.49.137/24 FR-NANCY-CDM (FR)
Ecole Superieure d'Electricite, Antenne de Rennes, Av. de la Boulais, BP
28, 35511 Cesson-Sevigne CEDEX, FRANCE
1:1800 ICM-Atlantic
2:1240 ICM-Pacific
3:1133 CERN/DANTE
4:1674 CERN/DANTE
------------
192.70.40/24 FNET-ESE-REN (FR)
France Telecom, 9 Rue de Nanteuil, 75015 Paris, FRANCE
1:1800 ICM-Atlantic
2:1240 ICM-Pacific
3:1133 CERN/DANTE
4:1674 CERN/DANTE
-------------
193.55.254/24 FR-ILLECOT (FR)
Institut Universitaire de Technologie A Toulouse, Departement Informatique,
50 A, Chemin des Maraichers, F-31077
Toulouse CEDEX, FRANCE
1:1800 ICM-Atlantic
2:1240 ICM-Pacific
3:1133 CERN/DANTE
4:1674 CERN/DANTE
--------------
192.134.157/24 FNET-IUT-TLS (FR)
Observatoire de Nancay - Station de Radioastronomie, 18330 Nancay, FRANCE
1:1800 ICM-Atlantic
2:1240 ICM-Pacific
3:1133 CERN/DANTE
4:1674 CERN/DANTE
-------------
193.55.144/24 FR-OBSNANCAY (FR)
SUPELEC Ecole Superieure d'Electricite, Antenne de Rennes, Av. de la
Boulais, BP 28, 35511 Cesson-Sevigne
CEDEX, FRANCE
1:1800 ICM-Atlantic
2:1240 ICM-Pacific
3:1133 CERN/DANTE
4:1674 CERN/DANTE
-------------
193.54.192/24 FR-ESEREN2 (FR)
193.54.193/24 FR-ESEREN3 (FR)
193.54.194/24 FR-ESEREN4 (FR)
Universite Claude Bernard Lyon 1, 69373 Lyon CEDEX 08, FRANCE
1:1133 CERN/DANTE
2:1800 ICM-Atlantic
3:1240 ICM-Pacific
-------------
193.48.219/24 ROCAD-ROCKF3 (FR)
193.54.220/24 ROCAD-ROCKF4 (FR)
Universite Jean Moulin Lyon III, 1 rue de l'universite, 69239 Lyon CEDEX
02, FRANCE
1:1800 ICM-Atlantic
2:1240 ICM-Pacific
3:1133 CERN/DANTE
4:1674 CERN/DANTE
-------------
193.49.100/24 LYON3-MANU (FR)
193.49.101/24 LYON3-QUAI (FR)
Universite de Corse, Quartier Grossetti BP 52, 20250 Corti, FRANCE
1:1800 ICM-Atlantic
2:1240 ICM-Pacific
3:1133 CERN/DANTE
4:1674 CERN/DANTE
------------
193.48.28/24 UNIV-CORSE01 (FR)
University of VALENCIENNES Campus, Le Mont Houy BP 311, 59304 Valenciennes,
FRANCE
1:1800 ICM-Atlantic
2:1240 ICM-Pacific
3:1133 CERN/DANTE
4:1674 CERN/DANTE
-------------
193.50.193/24 FR-UVHC2 (FR)
Germany
-------
Programmentwicklungsgesellschaft fuer Microcomputer mbH (PEM), Vaihinger
Strasse 49, D-70567 Stuttgart, GERMANY
1:1324 ANS New York City - DNSS 35
2:1800 ICM-Atlantic
3:1240 ICM-Pacific
4:1133 CERN/DANTE
------------
193.141.1/24 PEM-CEBIT (DE)
SystemPartner Moeller u. Hellwig, Suederstrasse 345b, D-20537 Hamburg,
GERMANY
1:1324 ANS New York City - DNSS 35
2:1800 ICM-Atlantic
3:1240 ICM-Pacific
4:1133 CERN/DANTE
------------
193.28.52/24 SYSPART-NET-C-28-52 (DE)
193.28.53/24 SYSPART-NET-C-28-53 (DE)
Iceland
-------
Hafnastraeti 91-95, 605 Akureyri, ICELAND
1:1800 ICM-Atlantic
2:1879 EUROPE-RS
3:1133 CERN/DANTE
4:1240 ICM-Pacific
------------
193.4.252/24 IS-KEANET (IS)
Japan
-----
Himeji Dokkyo University, 7-2-1, Kami-ohno, Himeji, 670, JAPAN
1:1240 ICM-Pacific
2:1800 ICM-Atlantic
----------
163.134/16 HIMEJI-DU (JP)
Kunitachi College of Music, 5-5-1 Kashiwa-cho, Tachikawa-shi, Tokyo, 190,
JAPAN
1:1240 ICM-Pacific
2:1800 ICM-Atlantic
-------------
202.17.182/24 KCMNET (JP)
SA Data Service, Inc., 4-7-23, Minami-Senba, Chuo-ku, Osaka, 542, JAPAN
1:2149 PSINET-2
2:174 NYSERNet Regional Network / PSI
-----------
202.33.1/24 SADATA (JP)
Sterling Software Japan, ShibaKoen Takahashi Building 7F., 8-12, Shibakoen
1-chome,Minato-ku, Tokyo, 105, JAPAN
1:2149 PSINET-2
2:174 NYSERNet Regional Network / PSI
-----------
202.33.2/24 SSWNETJ (JP)
Netherlands
-----------
DANTE Ltd., Lockton House, Clarendon Road, Cambridge, CB2 2BH, UNITED
KINGDOM
1:1800 ICM-Atlantic
2:1133 CERN/DANTE
3:1674 CERN/DANTE
4:1240 ICM-Pacific
-----------
194.41.0/24 DANTE-NL-US (NL)
ESD Netwerken bv, Apeldoorn, NETHERLANDS
1:1800 ICM-Atlantic
2:1133 CERN/DANTE
3:1674 CERN/DANTE
4:1240 ICM-Pacific
-------------
192.87.121/24 ESDNET (NL)
Instituut voor Nederlandse Geschiedenis, Den Haag, NETHERLANDS
1:1800 ICM-Atlantic
2:1133 CERN/DANTE
3:1674 CERN/DANTE
4:1240 ICM-Pacific
-------------
192.87.123/24 ING-IP-NET (NL)
Stichting SURF, P.O. Box 2290, NL-3500 GG Utrecht, NETHERLANDS
1:1800 ICM-Atlantic
2:1133 CERN/DANTE
3:1674 CERN/DANTE
4:1240 ICM-Pacific
------------
192.87.18/24 SURF-LAN (NL)
Vereniging van Samenwerkende Nederlandse Universiteiten, Utrecht,
NETHERLANDS
1:1800 ICM-Atlantic
2:1133 CERN/DANTE
3:1674 CERN/DANTE
4:1240 ICM-Pacific
-------------
192.87.120/24 VSNU (NL)
Norway
------
Datametrix A/S, Postboks 79 , Abildsoe, 1105 Oslo, NORWAY
1:1800 ICM-Atlantic
2:1879 EUROPE-RS
3:1133 CERN/DANTE
4:1240 ICM-Pacific
------------
193.216.4/24 NO-DATAMETRIX1 (NO)
Portugal
--------
INESC-Porto, Lg. Mompilher, 22, P-4007 Porto CODEX, PORTUGAL
1:1800 ICM-Atlantic
2:1133 CERN/DANTE
3:1240 ICM-Pacific
-------------
193.136.51/24 INESCP-NET-SUPER (PT)
Russian Federation
------------------
University Knowledge Networks Corp., 4, Izmailovskoje sh., Moscow, 105318,
RUSSIAN FEDERATION
1:1800 ICM-Atlantic
2:1240 ICM-Pacific
------------
193.233.5/24 UNICOR-HQ-LAN (RU)
Singapore
---------
Digicon Exploration, Ltd., 37 Jalan Pemempin, #06-01, 2057, SINGAPORE
1:97 JvNCnet Regional Network
-------------
202.20.116/24 DIGICON-SG-C-20-116 (SG)
Sweden
------
Goteborgs Universitet, Datanamnden, Vasaparken, S-411 24 Goteborg, SWEDEN
1:1800 ICM-Atlantic
2:1879 EUROPE-RS
3:1133 CERN/DANTE
4:1240 ICM-Pacific
------------
193.10.79/24 SE-GU (SE)
Switzerland
-----------
Active-Net BBS, Eschenweg 4, CH-8645 Jona, SWITZERLAND
1:701 Alternet
2:1800 ICM-Atlantic
-------------
193.73.204/24 ACTIVE (CH)
CERN, European Laboratory for Particle Physics, CH-1211 Geneva 23,
SWITZERLAND
1:1133 CERN/DANTE
2:1800 ICM-Atlantic
3:1240 ICM-Pacific
-------------
192.91.241/24 CERN-CNET28 (CH)
194.12.128/24 CERN-C-12-128 (CH)
194.12.129/24 CERN-C-12-129 (CH)
194.12.130/24 CERN-C-12-130 (CH)
194.12.131/24 CERN-C-12-131 (CH)
194.12.132/24 CERN-C-12-132 (CH)
194.12.133/24 CERN-C-12-133 (CH)
194.12.134/24 CERN-C-12-134 (CH)
194.12.135/24 CERN-C-12-135 (CH)
University of Lausanne, Lausanne, SWITZERLAND
1:1133 CERN/DANTE
2:1674 CERN/DANTE
3:1800 ICM-Atlantic
-------------
192.42.200/24 LUNET-NET21 (CH)
Turkey
------
9 Eylul University, Fen Edebiyat Faculty, Izmir, 35000, TURKEY
1:1800 ICM-Atlantic
2:1240 ICM-Pacific
-------------
193.140.25/24 9EYLUL-NET-C-140-25 (TR)
193.140.26/24 9EYLUL-NET-C-140-26 (TR)
193.140.27/24 9EYLUL-NET-C-140-27 (TR)
United States
-------------
ACES Research Inc, PO BOX 14546, Tucson, AZ 85711, USA
1:1240 ICM-Pacific
2:1800 ICM-Atlantic
-------------
199.33.243/24 ACES-2 (US)
AVL North America, 41169 Vincenti Court, Novi, MI 48375, USA
1:2149 PSINET-2
2:174 NYSERNet Regional Network / PSI
--------------
198.202.236/24 AVLNA (US)
Alta Bates Medical Center, 2850 Telegraph Avenue, Third Floor, Berkeley, CA
94705, USA
1:701 Alternet
2:702 Alternet
-------------
198.217.64/24 ALTABATES1 (US)
198.217.65/24 ALTABATES2 (US)
198.217.66/24 ALTABATES3 (US)
198.217.67/24 ALTABATES4 (US)
198.217.68/24 ALTABATES5 (US)
198.217.69/24 ALTABATES6 (US)
198.217.70/24 ALTABATES7 (US)
198.217.71/24 ALTABATES8 (US)
198.217.72/24 ALTABATES9 (US)
198.217.73/24 ALTABATES10 (US)
198.217.74/24 ALTABATES11 (US)
198.217.75/24 ALTABATES12 (US)
198.217.76/24 ALTABATES13 (US)
198.217.77/24 ALTABATES14 (US)
198.217.78/24 ALTABATES15 (US)
198.217.79/24 ALTABATES16 (US)
198.217.80/24 ALTABATES17 (US)
198.217.81/24 ALTABATES18 (US)
198.217.82/24 ALTABATES19 (US)
198.217.83/24 ALTABATES20 (US)
198.217.84/24 ALTABATES21 (US)
198.217.85/24 ALTABATES22 (US)
198.217.86/24 ALTABATES23 (US)
198.217.87/24 ALTABATES24 (US)
198.217.88/24 ALTABATES25 (US)
198.217.89/24 ALTABATES26 (US)
198.217.90/24 ALTABATES27 (US)
198.217.91/24 ALTABATES28 (US)
198.217.92/24 ALTABATES29 (US)
198.217.93/24 ALTABATES30 (US)
198.217.94/24 ALTABATES31 (US)
198.217.95/24 ALTABATES32 (US)
198.217.96/24 ALTABATES33 (US)
198.217.97/24 ALTABATES34 (US)
198.217.98/24 ALTABATES35 (US)
198.217.99/24 ALTABATES36 (US)
198.217.100/24 ALTABATES37 (US)
198.217.101/24 ALTABATES38 (US)
198.217.102/24 ALTABATES39 (US)
198.217.103/24 ALTABATES40 (US)
198.217.104/24 ALTABATES41 (US)
198.217.105/24 ALTABATES42 (US)
198.217.106/24 ALTABATES43 (US)
198.217.107/24 ALTABATES44 (US)
198.217.108/24 ALTABATES45 (US)
198.217.109/24 ALTABATES46 (US)
198.217.110/24 ALTABATES47 (US)
198.217.111/24 ALTABATES48 (US)
198.217.112/24 ALTABATES49 (US)
198.217.113/24 ALTABATES50 (US)
BALR Corporation, 1520 Kensington #105, Oakbrook, IL 60521, USA
1:701 Alternet
2:702 Alternet
-----------
198.6.15/24 BALR-NET (US)
Brooklyn Union Gas Company, One Metrotech Center, 14th Floor, Brooklyn, NY
11202, USA
1:2149 PSINET-2
2:174 NYSERNet Regional Network / PSI
------------
198.74.13/24 BUG-6 (US)
CalComp, 2411 W. La Palma Ave., Anahaim, CA 92803, USA
1:1740 CERFnet
---------
146.69/16 CALCOMP1 (US)
California Public Utilities Commission, 505 Van Ness Avenue, San Francisco,
CA 94102, USA
1:200 BARRNet
2:201 BARRNet
---------
162.15/16 CPUC (US)
Central States Health & Life Co. of Omaha, 1212 N. 96th Street, Omaha, NE
68114, USA
1:93 MIDnet
--------------
198.206.150/24 CSONET (US)
Compact Disc Connection, 1176A Aster Ave, Sunnyvale, CA 94086, USA
1:2551 NETCOM
------------
199.35.15/24 CDCONNECTION (US)
Computer Systems Design Company, 735 Highland Avenue, Boulder, CO 80302,
USA
1:1332 ANS Denver - DNSS 99
------------
198.80.11/24 CSDCO-DMZ (US)
Council on International Educational Exchange, 205 East 42nd Street, 14th
Floor, New York, NY 10017, USA
1:2149 PSINET-2
2:174 NYSERNet Regional Network / PSI
-------------
199.97.180/24 PSINET-C5-180 (US)
Defense Information Systems Agency, 3701 N. Fairfax Drive, Arlington, VA
22203-1713, USA
1:19 Milnet (FIX-East)
2:568 Milnet (FIX-West)
-------------
199.10.149/24 C2DELNET2 (US)
Eastern New Mexico University, Computer Services Station #15, Portales, NM
88130, USA
1:209 Westnet Regional Network (Colorado Attachment) - ENSS 141
2:210 Westnet Regional Network (Utah Attachment) - ENSS 142
--------------
192.207.226/24 ENMU-2 (US)
First Quadrant, 800 East Colorado Ave, Suite 900, Pasadena, CA 91101, USA
1:2149 PSINET-2
2:174 NYSERNet Regional Network / PSI
-------------
199.97.182/24 PSINET-C5-182 (US)
GTE Government Systems Corp., 400 Park Plaza, PO Box 13279, Research
Triangle Park, NC 27709, USA
1:86 SURANET Regional Network (College Park)
2:279 SURANET Regional Network (Georgia Tech)
--------------
192.133.124/24 GTE-GSC-NCS1 (US)
GTE Laboratories, 40 Sylvan Rd., Waltham, MA 02254, USA
1:560 NEARnet Regional Network
2:701 Alternet
---------
143.91/16 GTETELOPS-LAN (US)
GTE Mobilnet, 4440 Willow Road, Pleasanton, CA 94588, USA
1:2149 PSINET-2
2:174 NYSERNet Regional Network / PSI
-------------
199.97.163/24 PSINET-C5-163 (US)
Galaxy Computer Services, Inc., 551 W. Cordova Rd., Suite 202, Santa Fe, NM
87501, USA
1:209 Westnet Regional Network (Colorado Attachment) - ENSS 141
2:210 Westnet Regional Network (Utah Attachment) - ENSS 142
--------------
198.133.232/24 GCSI (US)
Hospital for Special Surgery, 535 East 70th Street, New York, NY 10021, USA
1:2149 PSINET-2
2:174 NYSERNet Regional Network / PSI
-------------
199.97.162/24 PSINET-C5-162 (US)
Lightscape Graphics Software, 4040 Moorpark Ave, Suite 108, San Jose, CA
95117, USA
1:200 BARRNet
2:201 BARRNet
-------------
198.92.131/24 NET-LIGHTSCAPE (US)
Murphy & Durieu Data Systems, 120 Broadway, 17th Floor, New York, NY 10271,
USA
1:701 Alternet
2:702 Alternet
-----------
198.6.14/24 MURPHNET2 (US)
NASA Johnson Space Center, Houston, TX 77058, USA
1:771 Nasa Science Network (Houston)
2:372 Nasa Science Network (FIX-West)
3:297 Nasa Science Network (FIX-East)
------------
198.27.51/24 JSC-B30S51 (US)
NAVSURFWARCENDIV, Bldg 3168, Code 8061JV, 300 Highway 361, Crane, IN
47522-5001, USA
1:19 Milnet (FIX-East)
2:568 Milnet (FIX-West)
-------------
199.10.148/24 MIDAS (US)
NCCOSC RDT&E DIV, Code 0294, San Diego, CA 92152-6199, USA
1:22 NOSC (Naval Ocean Systems Center)
-------------
198.253.71/24 NCINET-C-253-71 (US)
198.253.72/24 NCINET-C-253-72 (US)
198.253.73/24 NCINET-C-253-73 (US)
198.253.74/24 NCINET-C-253-74 (US)
198.253.75/24 NCINET-C-253-75 (US)
198.253.76/24 NCINET-C-253-76 (US)
198.253.77/24 NCINET-C-253-77 (US)
198.253.78/24 NCINET-C-253-78 (US)
198.253.79/24 NCINET-C-253-79 (US)
198.253.118/24 NCINET-C-253-118 (US)
198.253.119/24 NCINET-C-253-119 (US)
198.253.120/24 NCINET-C-253-120 (US)
NEC Electronics, 401 Ellis St., Mt. View, CA 94039-7241, USA
1:2551 NETCOM
------------
199.35.33/24 NEC-ELECTRONIC (US)
National Defense University, Ft. McNair, Washington, DC, DC 20319, USA
1:279 SURANET Regional Network (Georgia Tech)
------------
198.76.85/24 NDU1-C-76-85 (US)
OARnet, 1224 Kinnear Rd, Columbus, OH 43235, USA
1:600 OARNET, Cleveland, OH
-------------
198.30.208/24 OAR208 (US)
ParaGraph Int'l, 1309 S Mary Ave, #150, Sunnyvalle, CA 94087, USA
1:2149 PSINET-2
2:174 NYSERNet Regional Network / PSI
-------------
199.97.184/24 PSINET-C5 (US)
Rochester General Hospital, 1425 Portland Avenue, Rochester, NY 14621, USA
1:2149 PSINET-2
2:174 NYSERNet Regional Network / PSI
---------
162.30/16 RGHNET (US)
San Joaquin Delta College, 5151 Pacific Avenue, Stockton, CA 95207, USA
1:2150 CSUNET-SW
2:200 BARRNet
3:201 BARRNet
-------------
198.189.15/24 CSUNET-NORTH-C-189-15 (US)
Schulyer-Chemung-Tioga BOCES, 431 Philo Road, Elmira, NY 14903, USA
1:2149 PSINET-2
2:174 NYSERNet Regional Network / PSI
-------------
199.97.196/24 PSINET-C-97-196 (US)
199.97.197/24 PSINET-C-97-197 (US)
Senate of Pennsylvania, B-51 Main Capitol Building, Harrisburg, PA
17120-0030, USA
1:204 PSCNET Regional Network
2:1206 PSCNET Regional Network
--------------
192.189.102/24 RSEN (US)
Southwest Network Services, 9130 Jollyville Rd, Suite 200, Austin, TX
78759, USA
1:2149 PSINET-2
2:174 NYSERNet Regional Network / PSI
-------------
198.62.192/24 SNS-NET1 (US)
198.62.193/24 SNS-NET2 (US)
198.62.194/24 SNS-NET3 (US)
Sphinx Communications, 550 Franklin Ave., Brooklyn, NY 11238, USA
1:701 Alternet
2:702 Alternet
----------
198.6.3/24 SHEPS (US)
State Library of Florida, Division of Library and Information Services, 00
South Bronough Street, Tallahassee, FL,
USA
1:279 SURANET Regional Network (Georgia Tech)
2:86 SURANET Regional Network (College Park)
-------------
198.78.243/24 FLLIB-NET1 (US)
Steinmayr Plug-n-Play Programming Inc., One Galleria Blvd, Suite 950,
Metairie, LA 70003, USA
1:2149 PSINET-2
2:174 NYSERNet Regional Network / PSI
------------
199.97.28/24 PSINET-C5-28 (US)
Syracuse City School District, 725 Harrison Street, Syracuse, NY 13210, USA
1:2149 PSINET-2
2:174 NYSERNet Regional Network / PSI
------------
198.36.17/24 SCSDNET17 (US)
198.36.18/24 SCSDNET18 (US)
198.36.19/24 SCSDNET19 (US)
198.36.20/24 SCSDNET20 (US)
198.36.21/24 SCSDNET21 (US)
198.36.22/24 SCSDNET22 (US)
198.36.23/24 SCSDNET23 (US)
198.36.24/24 SCSDNET24 (US)
198.36.25/24 SCSDNET25 (US)
198.36.26/24 SCSDNET26 (US)
198.36.27/24 SCSDNET27 (US)
The Router Exchange, 938 No. 70th Suite 124, Lincoln, NE 68505, USA
1:93 MIDnet
--------------
198.247.251/24 EXCHANGE-NET (US)
USAG-DOIM, AFZG-IM-IN, Fort Sam Houston, TX 78234, USA
1:19 Milnet (FIX-East)
2:568 Milnet (FIX-West)
------------
199.10.55/24 SAMHOU-ISR (US)
United Video Satellite Group, One Technology Plaza, 7140 South Lewis Ave,
Tulsa, OK 74136, USA
1:2149 PSINET-2
2:174 NYSERNet Regional Network / PSI
-------------
199.97.181/24 PSINET-C5-181 (US)
Ventana Corporation, 1430 East Fort Lowell Road, Tucson, AZ 85719, USA
1:1240 ICM-Pacific
2:1800 ICM-Atlantic
-------------
199.79.152/24 VENTANA-NET (US)
WYVERN TECHNOLOGIES, 1020 RALEIGH AVE, NORFOLK, VA 23507, USA
1:1800 ICM-Atlantic
2:1240 ICM-Pacific
------------
199.0.148/24 INFI-NET-C-0-148 (US)
199.0.149/24 INFI-NET-C-0-149 (US)
Westchester Library System, 8 Westchester Plaza, Elmsford, NY 10523, USA
1:2149 PSINET-2
2:174 NYSERNet Regional Network / PSI
-------------
199.97.121/24 PSINET-C5-121 (US)
==========================================================
The configuration reports which reflect today's update will be
available for anonymous ftp on nic.merit.edu by 08:00 EST :
configuration reports --
nic.merit.edu:nsfnet/announced.networks:
as-as.now as-gw.now ans_core.now country.now net-comp.now
nets.doc nets.tag.now nets.unl.now
NSS routing software configuration files --
nic.merit.edu:nsfnet/backbone.configuration:
nss<NSS number>.t3p
Information is also avaiable through the PRDB whois server. Type
"whois -h prdb.merit.edu help" for details.
--------------------------------------------------------------------------
Please send all requests for configuration changes to nsfnet-admin(a)merit.edu
using the NSFNET configuration forms. The forms are available on-line
from the nic.merit.edu machine. Use ftp and the anonymous login to get on the
machine. Do a "cd nsfnet/announced.networks" and get the files template.net,
template.net.README, template.gate, and template.as.
In order to more efficiently process your requests, we have moved to a
system which requires the use of template.net (NACR) version 7.0
*******************************
--Steve Widmayer Merit/NSFNET skw(a)merit.edu
--Enke Chen Merit/NSFNET enke(a)merit.edu
--Steven J. Richardson Merit/NSFNET sjr(a)merit.edu
1
0
=============================================================================
CA-94:01 CERT Advisory
February 3, 1994
Ongoing Network Monitoring Attacks
-----------------------------------------------------------------------------
In the past week, CERT has observed a dramatic increase in reports of
intruders monitoring network traffic. Systems of some service
providers have been compromised, and all systems that offer remote
access through rlogin, telnet, and FTP are at risk. Intruders have
already captured access information for tens of thousands of systems
across the Internet.
The current attacks involve a network monitoring tool that uses the
promiscuous mode of a specific network interface, /dev/nit, to capture
host and user authentication information on all newly opened FTP,
telnet, and rlogin sessions.
In the short-term, CERT recommends that all users on sites that offer
remote access change passwords on any network-accessed account. In
addition, all sites having systems that support the /dev/nit interface
should disable this feature if it is not used and attempt to prevent
unauthorized access if the feature is necessary. A procedure for
accomplishing this is described in Section III.B.2 below. Systems
known to support the interface are SunOS 4.x (Sun3 and Sun4
architectures) and Solbourne systems; there may be others. Sun Solaris
systems do not support the /dev/nit interface. If you have a system
other than Sun or Solbourne, contact your vendor to find if this
interface is supported.
While the current attack is specific to /dev/nit, the short-term
workaround does not constitute a solution. The best long-term
solution currently available for this attack is to reduce or eliminate
the transmission of reusable passwords in clear-text over the network.
-----------------------------------------------------------------------------
I. Description
Root-compromised systems that support a promiscuous network
interface are being used by intruders to collect host and user
authentication information visible on the network.
The intruders first penetrate a system and gain root access
through an unpatched vulnerability (solutions and workarounds for
these vulnerabilities have been described in previous CERT
advisories, which are available anonymous FTP from
info.cert.org)
The intruders then run a network monitoring tool that captures up
to the first 128 keystrokes of all newly opened FTP, telnet, and
rlogin sessions visible within the compromised system's domain.
These keystrokes usually contain host, account, and password
information for user accounts on other systems; the intruders log
these for later retrieval. The intruders typically install
Trojan horse programs to support subsequent access to the
compromised system and to hide their network monitoring process.
II. Impact
All connected network sites that use the network to access remote
systems are at risk from this attack.
All user account and password information derived from FTP,
telnet, and rlogin sessions and passing through the same network
as the compromised host could be disclosed.
III. Approach
There are three steps in CERT's recommended approach to the
problem:
- Detect if the network monitoring tool is running on any of your
hosts that support a promiscuous network interface.
- Protect against this attack either by disabling the network
interface for those systems that do not use this feature or by
attempting to prevent unauthorized use of the feature on systems
where this interface is necessary.
- Scope the extent of the attack and recover in the event that
the network monitoring tool is discovered.
A. Detection
The network monitoring tool can be run under a variety of
process names and log to a variety of filenames. Thus, the
best method for detecting the tool is to look for 1) Trojan
horse programs commonly used in conjunction with this attack,
2) any suspect processes running on the system, and 3) the
unauthorized use of /dev/nit.
1) Trojan horse programs:
The intruders have been found to replace one or more of the
following programs with a Trojan horse version in conjunction
with this attack:
/usr/etc/in.telnetd
and /bin/login - Used to provide back-door access for the
intruders to retrieve information
/bin/ps - Used to disguise the network monitoring process
Because the intruders install Trojan horse variations of
standard UNIX commands, CERT recommends not using other
commands such as the standard UNIX sum(1) or cmp(1) commands
to locate the Trojan horse programs on the system until these
programs can be restored from distribution media, run from
read-only media (such as a mounted CD-ROM), or verified using
cryptographic checksum information.
In addition to the possibility of having the checksum
programs replaced by the intruders, the Trojan horse programs
mentioned above may have been engineered to produce the same
standard checksum and timestamp as the legitimate version.
Because of this, the standard UNIX sum(1) command and the
timestamps associated with the programs are not sufficient to
determine whether the programs have been replaced.
CERT recommends that you use both the /usr/5bin/sum and
/bin/sum commands to compare against the distribution media
and assure that the programs have not been replaced. The use
of cmp(1), MD5, Tripwire (only if the baseline checksums were
created on a distribution system), and other cryptographic
checksum tools are also sufficient to detect these Trojan
horse programs, provided these programs were not available
for modification by the intruder. If the distribution is
available on CD-ROM or other read-only device, it may be
possible to compare against these volumes or run programs off
these media.
2) Suspect processes:
Although the name of the network monitoring tool can vary
from attack to attack, it is possible to detect a suspect
process running as root using ps(1) or other process-listing
commands. Until the ps(1) command has been verified against
distribution media, it should not be relied upon--a Trojan
horse version is being used by the intruders to hide the
monitoring process. Some process names that have been
observed are sendmail, es, and in.netd. The arguments to the
process also provide an indication of where the log file is
located. If the "-F" flag is set on the process, the
filename following indicates the location of the log file
used for the collection of authentication information for
later retrieval by the intruders.
3) Unauthorized use of /dev/nit:
If the network monitoring tool is currently running on your
system, it is possible to detect this by checking for
unauthorized use of the /dev/nit interface. CERT has created
a minimal tool for this purpose. The source code for this
tool is available via anonymous FTP on info.cert.org in the
/pub/tools/cpm directory or on ftp.uu.net in the
/pub/security/cpm directory as cpm.1.0.tar.Z. The checksum
information is:
Filename Standard UNIX Sum System V Sum
-------------- ----------------- ------------
cpm.1.0.tar.Z: 11097 6 24453 12
MD5 Checksum
MD5 (cpm.1.0.tar.Z) = e29d43f3a86e647f7ff2aa453329a155
This archive contains a readme file, also included as
Appendix C of this advisory, containing instructions on
installing and using this detection tool.
B. Prevention
There are two actions that are effective in preventing this
attack. A long-term solution requires eliminating
transmission of clear-text passwords on the network. For
this specific attack, however, a short-term workaround
exists. Both of these are described below.
1) Long-term prevention:
CERT recognizes that the only effective long-term solution to
prevent these attacks is by not transmitting reusable
clear-text passwords on the network. CERT has collected some
information on relevant technologies. This information is
included as Appendix B in this advisory. Note: These
solutions will not protect against transient or remote access
transmission of clear-text passwords through the network.
Until everyone connected to your network is using the above
technologies, your policy should allow only authorized users
and programs access to promiscuous network interfaces. The
tool described in Section III.A.3 above may be helpful in
verifying this restricted access.
2) Short-term workaround:
Regardless of whether the network monitoring software is
detected on your system, CERT recommends that ALL SITES take
action to prevent unauthorized network monitoring on their
systems. You can do this either by removing the interface, if
it is not used on the system or by attempting to prevent the
misuse of this interface.
For systems other than Sun and Solbourne, contact your vendor
to find out if promiscuous mode network access is supported
and, if so, what is the recommended method to disable or
monitor this feature.
For SunOS 4.x and Solbourne systems, the promiscuous
interface to the network can be eliminated by removing the
/dev/nit capability from the kernel. The procedure for doing
so is outlined below (see your system manuals for more
details). Once the procedure is complete, you may remove the
device file /dev/nit since it is no longer functional.
Procedure for removing /dev/nit from the kernel:
1. Become root on the system.
2. Apply "method 1" as outlined in the System and Network
Administration manual, in the section, "Sun System
Administration Procedures," Chapter 9, "Reconfiguring the
System Kernel." Excerpts from the method are reproduced
below:
# cd /usr/kvm/sys/sun[3,3x,4,4c]/conf
# cp CONFIG_FILE SYS_NAME
[Note that at this step, you should replace the CONFIG_FILE
with your system specific configuration file if one exists.]
# chmod +w SYS_NAME
# vi SYS_NAME
#
# The following are for streams NIT support. NIT is used by
# etherfind, traffic, rarpd, and ndbootd. As a rule of thumb,
# NIT is almost always needed on a server and almost never
# needed on a diskless client.
#
pseudo-device snit # streams NIT
pseudo-device pf # packet filter
pseudo-device nbuf # NIT buffering module
[Comment out the preceding three lines; save and exit the
editor before proceeding.]
# config SYS_NAME
# cd ../SYS_NAME
# make
# mv /vmunix /vmunix.old
# cp vmunix /vmunix
# /etc/halt
> b
[This step will reboot the system with the new kernel.]
[NOTE that even after the new kernel is installed, you need
to take care to ensure that the previous vmunix.old , or
other kernel, is not used to reboot the system.]
C. Scope and recovery
If you detect the network monitoring software at your site,
CERT recommends following three steps to successfully
determine the scope of the problem and to recover from this
attack.
1. Restore the system that was subjected to the network
monitoring software.
The systems on which the network monitoring and/or Trojan
horse programs are found have been compromised at the root
level; your system configuration may have been altered. See
Appendix A of this advisory for help with recovery.
2. Consider changing router, server, and privileged account
passwords due to the wide-spread nature of these attacks.
Since this threat involves monitoring remote connections,
take care to change these passwords using some mechanism
other than remote telnet, rlogin, or FTP access.
3. Urge users to change passwords on local and remote
accounts.
Users who access accounts using telnet, rlogin, or FTP either
to or from systems within the compromised domain should
change their passwords after the intruder's network monitor
has been disabled.
4. Notify remote sites connected from or through the local
domain of the network compromise.
Encourage the remote sites to check their systems for
unauthorized activity. Be aware that if your site routes
network traffic between external domains, both of these
domains may have been compromised by the network monitoring
software.
---------------------------------------------------------------------------
The CERT Coordination Center thanks the members of the FIRST community
as well as the many technical experts around the Internet who
participated in creating this advisory. Special thanks to Eugene
Spafford of Purdue University for his contributions.
---------------------------------------------------------------------------
If you believe that your system has been compromised, contact the CERT
Coordination Center or your representative in Forum of Incident
Response and Security Teams (FIRST).
Internet E-mail: cert(a)cert.org
Telephone: 412-268-7090 (24-hour hotline)
CERT personnel answer 8:30 a.m.-5:00 p.m. EST(GMT-5)/EDT(GMT-4),
and are on call for emergencies during other hours.
CERT Coordination Center
Software Engineering Institute
Carnegie Mellon University
Pittsburgh, PA 15213-3890
Past advisories, information about FIRST representatives, and other
information related to computer security are available for anonymous
FTP from info.cert.org.
---------------------------------------------------------------------------
Appendix A:
RECOVERING FROM A UNIX ROOT COMPROMISE
A. Immediate recovery technique
1) Disconnect from the network or operate the system in
single- user mode during the recovery. This will keep users
and intruders from accessing the system.
2) Verify system binaries and configuration files against the
vendor's media (do not rely on timestamp information to
provide an indication of modification). Do not trust any
verification tool such as cmp(1) located on the compromised
system as it, too, may have been modified by the intruder.
In addition, do not trust the results of the standard UNIX
sum(1) program as we have seen intruders modify system
files in such a way that the checksums remain the same.
Replace any modified files from the vendor's media, not
from backups.
-- or --
Reload your system from the vendor's media.
3) Search the system for new or modified setuid root files.
find / -user root -perm -4000 -print
If you are using NFS or AFS file systems, use ncheck to
search the local file systems.
ncheck -s /dev/sd0a
4) Change the password on all accounts.
5) Don't trust your backups for reloading any file used by
root. You do not want to re-introduce files altered by an
intruder.
B. Improving the security of your system
1) CERT Security Checklist
Using the checklist will help you identify security
weaknesses or modifications to your systems. The CERT
Security Checklist is based on information gained from
computer security incidents reported to CERT. It is
available via anonymous FTP from info.cert.org in the file
pub/tech_tips/security_info.
2) Security Tools
Use security tools such as COPS and Tripwire to check for
security configuration weaknesses and for modifications
made by intruders. We suggest storing these security
tools, their configuration files, and databases offline or
encrypted. TCP daemon wrapper programs provide additional
logging and access control. These tools are available via
anonymous FTP from info.cert.org in the pub/tools
directory.
3) CERT Advisories
Review past CERT advisories (both vendor-specific and
generic) and install all appropriate patches or workarounds
as described in the advisories. CERT advisories and other
security-related information are available via anonymous
FTP from info.cert.org in the pub/cert_advisories
directory.
To join the CERT Advisory mailing list, send a request to:
cert-advisory-request(a)cert.org
Please include contact information, including a telephone number.
CERT Coordination Center
Software Engineering Institute
Carnegie Mellon University
Pittsburgh, PA 15213-3890
Copyright (c) Carnegie Mellon University 1994
---------------------------------------------------------------------------
Appendix B:
ONE-TIME PASSWORDS
Given today's networked environments, CERT recommends that sites
concerned about the security and integrity of their systems and
networks consider moving away from standard, reusable passwords. CERT
has seen many incidents involving Trojan network programs (e.g.,
telnet and rlogin) and network packet sniffing programs. These
programs capture clear-text hostname, account name, password triplets.
Intruders can use the captured information for subsequent access to
those hosts and accounts. This is possible because 1) the password is
used over and over (hence the term "reusable"), and 2) the password
passes across the network in clear text.
Several authentication techniques have been developed that address
this problem. Among these techniques are challenge-response
technologies that provide passwords that are only used once (commonly
called one-time passwords). This document provides a list of sources
for products that provide this capability. The decision to use a
product is the responsibility of each organization, and each
organization should perform its own evaluation and selection.
I. Public Domain packages
S/KEY(TM)
The S/KEY package is publicly available (no fee) via
anonymous FTP from:
thumper.bellcore.com /pub/nmh directory
There are three subdirectories:
skey UNIX code and documents on S/KEY.
Includes the change needed to login,
and stand-alone commands (such as "key"),
that computes the one-time password for
the user, given the secret password and
the S/KEY command.
dos DOS or DOS/WINDOWS S/KEY programs. Includes
DOS version of "key" and "termkey" which is
a TSR program.
mac One-time password calculation utility for
the Mac.
II. Commercial Products
Secure Net Key (SNK) (Do-it-yourself project)
Digital Pathways, Inc.
201 Ravendale Dr.
Mountainview, Ca. 94043-5216
USA
Phone: 415-964-0707
Fax: (415) 961-7487
Products:
handheld authentication calculators (SNK004)
serial line auth interruptors (guardian)
Note: Secure Net Key (SNK) is des-based, and therefore restricted
from US export.
Secure ID (complete turnkey systems)
Security Dynamics
One Alewife Center
Cambridge, MA 02140-2312
USA
Phone: 617-547-7820
Fax: (617) 354-8836
Products:
SecurID changing number authentication card
ACE server software
SecureID is time-synchronized using a 'proprietary' number
generation algorithm
WatchWord and WatchWord II
Racal-Guardata
480 Spring Park Place
Herndon, VA 22070
703-471-0892
1-800-521-6261 ext 217
Products:
Watchword authentication calculator
Encrypting modems
Alpha-numeric keypad, digital signature capability
SafeWord
Enigma Logic, Inc.
2151 Salvio #301
Concord, CA 94520
510-827-5707
Fax: (510)827-2593
Products:
DES Silver card authentication calculator
SafeWord Multisync card authentication calculator
Available for UNIX, VMS, MVS, MS-DOS, Tandum, Stratus, as well as
other OS versions. Supports one-time passwords and super
smartcards from several vendors.
---------------------------------------------------------------------------
Appendix C:
cpm 1.0 README FILE
cpm - check for network interfaces in promiscuous mode.
Copyright (c) Carnegie Mellon University 1994
Thursday Feb 3 1994
CERT Coordination Center
Software Engineering Institute
Carnegie Mellon University
Pittsburgh, PA 15213-3890
This program is free software; you can distribute it and/or modify
it as long as you retain the Carnegie Mellon copyright statement.
It can be obtained via anonymous FTP from info.cert.org:pub/tools/cpm.tar.Z.
This program is distributed WITHOUT ANY WARRANTY; without the IMPLIED
WARRANTY of merchantability or fitness for a particular purpose.
This package contains:
README
MANIFEST
cpm.1
cpm.c
To create cpm under SunOS, type:
% cc -Bstatic -o cpm cpm.c
On machines that support dynamic loading, such as Sun's, CERT recommends
that programs be statically linked so that this feature is disabled.
CERT recommends that after you install cpm in your favorite directory,
you take measures to ensure the integrity of the program by noting
the size and checksums of the source code and resulting binary.
The following is an example of the output of cpm and its exit status.
Running cpm on a machine where both the le0 and le2 interfaces are
in promiscuous mode, under csh(1):
% cpm
le0
le2
% echo $status
2
%
Running cpm on a machine where no interfaces are in promiscuous
mode, under csh(1):
% cpm
% echo $status
0
%
1
0
Scott,
> I have asked the question many time. "What is a provider?". Once the
> CIDR allocation started the "Providers" came out of the woodworks.
> No one so far has given an answer to the question that the majority can
> agree with. I will not be at the regional tech meeting in CA but Mark will.
> I don't know a group better suited to answer the question that established
> providers. Do us a favor and come up with a proposed answer to "What is a
> provider". I will work with NSF and Postel to make it policy. This would
> make our life easier.
I think we have to be very careful here. When we make policy that
adversely affects someone's business interests we're just begging for
a suit. Especially with the *perceived* "shortage" or IPv4
addresses. It seems to me that it would be very difficult to exclude
anybody from the category of "provider" (for the purpose of giving
him or her addresses) who has even the flimsiest claim to being one.
Perhaps some sliding scale based on demonstrated need would work.
But it would have to be conservative (liberal?) and easily quantified
to make it defensible.
--Richard
3
3
The ANS NOC (formerly part of Merit) has been located on the North
Campus of the University of Michigan for many years now. Many of you,
have visited us at one time or another.
We have grown considerably in the past two years and the University
was not able to accomodate our growing space needs. So with mixed
feelings, we started looking for another suitable space in Ann Arbor.
I am pleased to report that on February 7, the ANS Network Operations
Center will be moving to our new location, where we have over 11,000
square feet of freshly renovated space.
Our new address will be:
Advanced Network & Services, Inc.
100 Phoenix Dr.
Ann Arbor, MI 48108-2202
Our 800 number will remain the same; 800-456-6300. The local NOC number,
however, will change to 313-677-7333. The new general number for ANS in
Ann Arbor will be 313-677-7300.
We will be staging the moving of the various NOC systems, equipment
and staff, so as to assure a smooth transistion and prevent any
service disruptions.
And you are all, of course, invited to see our new place...
Regards,
John
1
0